IBM + Rational, one year later: The integration goes on. 
_IT pros are conspicuous by their absence from Sarbanes-Oxley planning. 
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State, U.S. Lawmakers Pushing || 
To Hinder Offshore Outsourcing | 
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Issue could be a hot 
topic in next year’s 
presidential election 
BY PATRICK THIBODEAU 
WASHINGTON 

Federal and state lawmakers 
are accelerating efforts to 
stem offshore outsourcing, 
chiefly by setting restrictions 
on the use of foreign labor in 
government contracting. 

At the same time, the issue 
is drawing attention in the 
presidential race. For instance, 
Sen. John Kerry (D-Mass.), 
who’s seeking the Democratic 
nomination, introduced legis- 
lation last month requiring 





Users Worry 


call center employees to dis- 
close their location at the 
commencement of each call. 
When introducing the legisla- 
tion, Kerry cited a Gartner 
Inc. estimate that one in 20 IT 
jobs at user companies will 
move offshore by the end of 
next year. 

There are at least nine bills 
pending in the U.S. Congress 
aimed at barring foreign 
workers from government 
contracts, and four states — 
North Carolina, New Jersey, 
Michigan and Indiana — are 
considering similar legisla- 
tion, according to a study of 
pending bills assembled by 

Offshore, page 16 


About ‘Zero-Day’ 


Attacks, Try to Secure Seaate 


System configuration 
rules, incident-response 
plans may reduce threat 


BY JAIKUMAR VIJAYAN 

NEW YORK 

So-called zero-day attacks that 
take advantage of software 
vulnerabilities for which there 
are no available fixes are start- 
ing to be viewed as a major 





threat to data security, said IT 
managers at the InfoSec 2003 
conference here last week. 
More than ever, the threat 
of such attacks underscores 
the need for companies to set 
and then require the use of 
safe-configuration policies for 
the packaged software and 
homegrown systems they use, 
conference attendees said. 
They also stressed the im- 
portance of having well-devel- 
oped patching and incident- 
response capabilities to help 
minimize the havoc that at- 
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Criticism of Electronic Voting 
Machines’ Security Is Mounting | 


| Equi ipment malfunctions, vulnerable systems 
| Stall efforts to supplant old polling methods 


have fueled the fire, as have 
thorough security reviews of 
| DREs that have been commis- 
sioned recently by election of- 
| ficials in various states. Those 
| reviews found high-risk vul- 
nerabilities in the systems 
| sold by Diebold Inc., Election 





| BY ELIZABETH HEICHLER 


As the presidential primary 
season approaches, a debate is 
raging about electronic voting 


| — and IT professionals and 
Zero-Day, page 16 | 


computer scientists are among 
the loudest critics. 

The issue has grown in ur- 
gency thanks to the Help 
America Vote Act of 2002, 
Congress’ attempt to forestall 
a repeat of the infamous Flori- 
da election debacle of 2000. 
The bill, known as HAVA, 
makes as much as $3.8 billion 
in funding available to states 





in the short term for replacing | Systems & Software Inc., Se- 
older punch card and lever | quoia Voting Systems Inc. and 
election equipment — reforms | Hart InterCivic Inc. 
that must be implemented by | For its part, Hart viewed 
January 2006. | Compuware Corp.’s review of 
Manufacturers of the latest | its system on behalf of the 
generation of electronic E-voting, page 53 
touch-screen voting devices, 
known as direct recording 
electronic machines, are 
poised to reap the rewards of 
the spending spree. But con- 
troversy roils over whether 
DREs are secure and bug-free. 
Incidents of electronic vot- 
ing machine malfunctions 





The dawn of a new PC era. 


For the last decade, every processor chip in every personal computer in 
the world has been based on 32-bit architecture. It was the best technology 
we had. Until today. Introducing the revolutionary PowerPC G5 processor, the 

world’s first 64-bit processor for personal computers. 
Before now, a chip this formidable 
could only be found in the world’s 
fastest servers and supercomputers. Which is precisely 
where the G5 chip came from. Developed by IBM and 
Apple; the G5's DNA is from the core of IBM's highest- 
performance, 64-bit POWER4 processor. But just as 
impressive as the G5’s pedigree is how it’s manufactured. In IBM's (and the 
world’s) most advanced semiconductor facility, the G5’s 12-inch 
silicon wafers are untouched by human hands 


as robots guide them through 500 





The 64-bit processor. 


processing steps, creating 58 million transistors and connecting them with 
over 1000' of copper wire that’s less than 1/800th the width of a human hair. 
The new PowerPC G5 has a 1-gigahertz frontside bus’ that moves data 


in and out of the processor almost twice as fast as the 


a competition, removing a key bottleneck that 


limits performance. And it can support more 
than 200 in-flight instructions at a time —71% more than 
the 32-bit Pentium 4. Perhaps most importantly, the 
G5's 64-bit architecture can address dramatically more 
memory — over 4 billion times more than 32-bit chips 
— so that systems built around the G5 can shatter the 4-gigabyte memory 
ceiling that limits every other PC on earth. The 64-bit PowerPC G5. 
It’s not just a new chip. It’s the next chapter in 


personal computing. 
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I need the ultimate 32-bit yak 
and the ultimate 64-bit server 4 
to be the same server. 
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The AMD Opteron processor, superior 32-bit performance with expanded 64-bit capability. 
It’s the only server processor designed to run your 32- and 64-bit applications simultaneously and without compromise. 
AMD Opteron runs on AMD64, a breakthrough architecture that enables 64-bit technology on the x86 platform—creating 


a new class of computing. 


Ex 


The world’s highest performing 2P and 4P industry standard servers 
are now powered by AMD Opteron processors. Get unparalleled 32-bit 
performance and the ability to transition seamlessly to 64-bit computing. Opteron 


Leverage your existing investments while preparing for the future. It’s one architecture 
across your enterprise that offers industry leading performance for your 32-bit applications, and doesn’t 
require a forklift upgrade as more 64-bit applications emerge. It’s just another way AMD designs and builds 


processors with you in mind. For a closer look at the AMD Opteron processor, visit www.amd.com/opteron 
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In the Management section: IT managers like Gene Obrock 
(left) of Henkel Consumer Adhesives are diving into RFID 
technology and all its costs and complexities to meet the 
needs of retailer partners, even though a return on in- 
vestment is still a few years away. Page 39 


CRM to Go 


In the Technology section: Hosted CRM 
services deploy faster, but customization 
requirements, training and even privacy 


issues could shift your decision toward an 
in-house implementation. Page 25 
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10 Despite poor marks on this 


year’s federal cybersecurity 
report card, some observers 
remain optimistic. 


IBM’s effort to integrate Ra- 
tional Software’s personnel 


and technology shows signs of : 


progress at the one-year mark. 


IT execs are left out of 
Sarbanes-Oxley planning ini- 
tiatives at some companies. 


HP restructures, merging its 
enterprise hardware and soft- 
ware unit with its services 
group. 


Cable & Wireless will sell 
C&W America to a turn- 
around specialist, ending 
months of uncertainty for its 
U.S. Web hosting customers. 


30 Web Services Put GIS on the 
Map. Web services will enable 
IT to easily embed powerful 
geographic information sys- 
tem analysis and mapping ser- 
vices into familiar end-user 
applications. 


32 QuickStudy: Windows In- 
staller. This service allows ap- 
plications to be installed clean- 
ly and consistently and mini- 
mizes conflicts by tracking the 
use of system resources. 


34 Security Manager’s Journal: 
Good Firewalls Make Good 
Neighbors. Vince Tuesday 
puts firewalls between corpo- 
rate divisions to help prevent 
the spread of malicious code, 
but he finds getting the rules 
right isn’t easy. 


MANAGEMENT 


41 Offshore Dilemma. Outsourc- 
ing tech support overseas for 
IT infrastructure is a fairly 
new endeavor. Here’s some 
advice for companies that 
want to take the plunge. 





42 Rust Belt CRM. Manufactur- 
ers are using software that an- 
alyzes customer profitability 
so they can provide better ser- 
vice to high-profit customers 
and charge higher prices for 
low-profit orders. 


44 Q&A: Unintended Bias. 
Harvard professor Mahzarin 
R. Banaji discusses why hid- 
den, implicit biases are per- 
vasive, what effects they can 
have and what IT managers 
can do about them. 
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10 On the Mark: Mark Hall gets 
the scoop on the future of a 
popular open-source app. And 
he spots a trend that may spell 
an end to point products for 
secure message management. 


20 Maryfran Johnson hears from 
readers about their problems 
with offshore tech support. If 
things don’t improve, she says, 
vendors may have to follow 
Dell’s lead and bring their call 
centers back to the U.S. 


20 Pimm Fox finds a managed 
health care company that’s 
connected via the Web to a 
hosted marketplace to order 
and track purchases. 


David Moschella counts him- 
self among the optimists 
when looking at IT in 2004. 


36 Robert L. Mitchell warns that 
although old PCs may give up 
the ghost, the data within them 
can come back to haunt you. 


46 Barbara Gomolski predicts a 
flood of IT project requests 
from business units in 2004, 
So it’s time to figure out when 
to say yes and when to say no. 


54 Frankly Speaking: Frank 
Hayes eavesdrops on Santa 
and an elf as they discuss pre- 
sents for IT’s leading lights. 
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Ten Wireless Security Basics 
MOBILE/WIRELESS: Use this quick checklist 
to get started right. @ QuickLink 42957 


Forensic Analysis After a Breach 


SECURITY: Bryan Sartin, director of technol- 
ogy at Ubizen, explains what goes on during 
a forensic investigation of a security breach 
and cites two mistakes often made by compa- 
nies that can complicate the probe. 
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The Road Still Forks for 
ID Management Specs 


SECURITY: Competing sides in the push to 
develop specifications for federated identity 
management continue to talk of unifying 
standards, but there’s no resolution at hand. 
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Storage Tiers 


STORAGE: The Evaluator Group’s Randy 
Kerns examines secondary storage imple- 
mentations, including how they can reduce 
administrative burdens and the need for in- 
telligence-based policies. @ QuickLink 43415 


Tips for Speedy and Safe 
Patch Deployment 


OPERATING SYSTEMS: Two Avanade consul- 
tants offer advice on installing critical soft- 
ware patches — without bringing down your 
systems. @ QuickLink 42499 
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Demanding a Better 
Desktop Alternative 


ee eee 


IT managers are increasingly turning to thin 
clients, other options in push to cut PC costs 





| BY PATRICK THIBODEAU 
AND CAROL SLIWA 
VERY YEAR Dave Ras- 
pallo, CIO at Textron 
Financial Corp., found 
himself having to re- 
place a third of his 1,200 PCs. 
But he grew tired of the cost 
of the annual ritual, and he be- 
gan swapping out his desktops 
for thin clients. Forty percent 
of those PCs are now gone, 
and many more will disappear 
next year. 

“IT would consider it a failure 
if we don’t eliminate 
completely the use of 
any desktops,” said 
Raspallo, who has a 
name for his project: 
STIMI, or “Stop the 

Intel-Microsoft Insanity.” 

And he isn’t stopping at the 
desktop. He’s giving road war- 
riors handhelds and tablet PCs 
in lieu of laptops. Total sav- 
ings will be around 25% annu- 
ally for his Providence, R.L.- 
based company, most of it in 
reduced support costs. 

In the press for efficiency 
and cost reduction, data cen- 
ters have been centralized and 
servers consolidated. And 
now attention is increasingly 
focusing on the PC. There’s 
growing evidence of a deter- 
mination among IT managers 





to aggressively cut PC hard- 
ware and support costs by 
centralizing management and 
minimizing Microsoft Corp. li- 
censing fees. 

Jack Klosterman, CIO at 
Volkswagen Credit, 
is as determined as 


| any of them. 


Three weeks ago, 
the Libertyville, Ill.- 
based financing arm 
of Volkswagen AG 
began a pilot project 
using PC blades and 


| thin-client appli- 


ances from Hewlett- 
Packard Co., with 
plans to roll out 200 
PC blades next quarter. One 
way Klosterman expects to re- 
duce Microsoft licensing costs 
is by virtualizing the desktop. 

Employees access applica- 
tions via a solid-state desktop 
appliance. They can log into a 
PC blade from any appliance, 
so they’re not tied to a specific 
desktop. With at least 10% of 
the employees out of the of- 
fice at any given time, VW 
Credit can reduce the number 
of CPUs and, consequently, its 
Microsoft licensing fees. “It 
seems to have realistic poten- 
tial for this,” said Klosterman. 

The fact that the appliances 
can last twice as long as PCs 
while requiring less support 
also yields cost savings. 

Jesus Arriaga, CIO at Key 
Automotive Industries Inc., an 


| would consider it 

a failure if we don't 
eliminate completely the 
use of any desktops. 


DAVE RASPALLO, CIO, TEXTRON FINANCIAL CORP 


trols costs by lock- ; 
ing down desktops. motive has some 





auto parts distributor in Po- 
mona, Calif., expects to cut 
Microsoft licensing costs by 
taking a server-based ap- 
proach. Like Textron, Key 
Automotive is deploying thin 
clients from King of 
Prussia, Pa.-based 
Neoware Systems 
Inc., with applica- 
tion delivery soft- 
ware from Citrix 
Systems Inc. 

The licensing sav- 
ings come from con- 
ret trolled access to ap- 
plications. Key Auto- 
3,000 users, but only 
half of them have a regular 
need for Microsoft Office. 
“When you deploy a PC, you 
have to provide Office know- 


| ing that they may be sporadi- 


cally using it,” Arriaga said. 
He will have 1,500 Office li- 
censes on his servers and will 


| manage user access from the 
| data center. When his servers 
| hit the Office license limit, he 
| will need to buy more licens- 


es, but until then he’s paying 
only for what he uses. The 

project is 60% complete, and 
the goal is to move up to 95% 
of Key Automotive’s users to 


| thin clients over the next year. 


Arriaga expects other CIOs 
to look at the thin-client alter- 
native as well. “It’s on the path 
to being widely accepted,” he 


| said. 


John Sting], chief technical 
officer at Russell Investment 
Group in Tacoma, Wash., is 
moving his 1,000 users to a 
Citrix environment to cut 
costs. He’s using thin clients 
from HP’s Evo line that run 
local versions of Windows 
XP along with a browser and 
multimedia players. Applica- 
tions are delivered via a cen- 
tral server. 

IT managers say a thin- 





client move works only if the 
application environment is 


| standardized. In Russell In- 
| vestment’s case, that has 


meant reducing its applica- 
tions from 1,100 to 350. Stingl 
said he expects to save $9 mil- 
lion over five years. “The 
pressure to get more for your 
dollar ... is going to dictate 
that more folks take a look at 
this environment,” he said. 


The Linux Line 

Linux-based desktops that ac- 
cess Web-enabled applica- 
tions are getting the attention 
of many IT managers as well. 
But it may be unrealistic to 
predict that the Microsoft- 
loaded PC is facing an immi- 
nent threat from either thin 
clients or Linux. 

“There is a long history of 
people talking about the thin 
client taking over the world,” 
said Bob O’Donnell, an analyst 
at Framingham, Mass.-based 
IDC. O’Donnell said he inher- 
ited some “outrageous fore- 
casts” from earlier analysts, 
who predicted huge advances 
in thin-client adoption. 

In 1999, for instance, IDC 
forecast 9.5 million thin-client 
shipments in 2004, O’Donnell 
said. Today that estimate is 1.8 
million, only about 1% of total 


Early Adopter 


Stands Firm on 
Burlington Coat Factory Ware- 
house Corp. couldn't turn to any 
of its retail peers for advice five 
years ago when it began deploy- 
ing Linux-based desktops. 

At the time, the Burlington, 
N.J.-based company made one 
of the largest commitments to 
Linux to date, rolling out more 
than 1,000 Linux PCs. It was the 
ever announced by a U.S. com-. 
pany. The pioneering move was 
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BY THE NUMBERS 


Thin-Client Forecast 
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PC shipments. Still, the thin- 
client growth rate is over 20% 
annually. “The challenge has 
been to raise the awareness 
level,” O’Donnell said. 

But Steven VanRoekel, a di- 
rector of platform strategy at 

Aicrosoft, countered that the 
Windows-based desktop re- 
mains a healthy, low-cost ap- 
proach. He also cited failed 
thin-desktop movements of 
the past. “We've seen this 
trend, and the waves rise and 
fall,” he said. 

Microsoft does offer thin- 
client options through Web- 
based applications and its Ter- 
minal Server, which is part of 
the Windows server operating 


clerks to use, and last year the com- 
pany completed its migration of an 

of 15 cash registers in each 
of its 350 stores to Linux. So 





| 


| based Citrix reported 


system. The company also 
partners with Citrix to help 
companies deliver applica- 
tions to remote users. 

But VanRoekel said the 
company continues to believe 
that a “rich, high-fidelity cli- 
ent” is the best course for 
most users. Microsoft is work- 
ing to make the client deploy- 
ment process easier with the 
release of its next Windows 
operating system, code-named 
Longhorn, which is expected 
in late 2005 or 2006. A new 
feature, called SuperFetch, 


| will help applications launch 
| more quickly, and ClickOne 


installation will allow users to 
install an application by sim- 
ply clicking an icon or link. 

That said, users are unques- 
tionably buying thin clients. 
Indeed, some vendors offering 
desktop PC alternatives have 
fared much better 


| than other technolo- 


gy companies over 
the past couple of 


| years. 


Neoware, for in- 


| stance, reported a 

| 68% revenue gain for 
| its fiscal year that 
ended June 30. And 


Fort Lauderdale, Fla.- 


| arevenue jump of 


wasn't a major issue for Prince. He 
said the company's total cost of 
ownership declined because the 
systems were easy to administer 
and to lock down so users couldn't 
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21% year over year for the 
third quarter, which ended 


Sept. 30. The vendors say a key | 


driver of sales is security, as 
well as regulatory require- 
ments such as Sarbanes-Oxley. 
Many of the thin-client ven- 
dors, like ClearCube Inc., are 


privately held and don’t report 


their revenue. But the Austin- 
based maker of of PC blades 
claims that it has about 500 
corporate customers. 


And those HP PC blades that | 
are being piloted by VW Cred- | 


it will become generally avail- 
able in March. HP claims that 
the blades have the capability 
to replace half of all desktops 
in medium-size and large 
companies [QuickLink 43336]. 
The Linux desktop is a dif- 
ferent story. In the U.S. mar- 
ket, vendors see more oppor- 
tunities for Linux in call cen- 
ters, point-of-sale 
systems and techni- 
cal workstations 
than for replacing 


so-called knowledge 
worker systems used | 
for office productivi- | 


ty and business 
functions. But that’s 
not to say IT shops 
aren’t examining 
Linux alternatives 
on the desktop. 


needs support for its Linux desk- 
tops or servers, he has found plenty 
of options through partners such as 
IBM, its Linux vendors (Red Hat 
Inc., and SUSE Linux AG, which 
Novell inc. recently announced 
plans to acquire) and third-party 
support providers. 

“We've had far fewer issues get- 
ting resolution with Linux than 
we've had with any other operating 
system we've ever used, including 
all of the Unixes,” Prince said. 

But Linux has yet to : 
gain traction with the 
knowledge workers at 
Burlington Coat Facto- 
ty's home office. Prince 
said many of them have 


The move 
to Linux was “ab- 
solutely” worth it. 


In particular, many IT man- 
agers say they’re keeping a 
close watch on Sun Microsys- 
tems Inc.’s StarOffice produc- 
tivity suite. The Mayo Clinic, 


sire Bs) 1818) uf 


its 4,200 desktop clients, is 
investigating replacing more 
stand-alone desktops with 
thin clients as a way to cut li- 
censing and support costs. It 


for instance, has 10 machines 
loaded with StarOffice and 
OpenOffice, a free open- 
| source office suite, 
| study of Linux and thin 


clients. Ken Bobis, chief tech- 


nical officer at the clinic’s 
Scottsdale, Ariz., 
| he knows those office prod- 
| ucts work. “Clearly, we may 
| have pockets where we want 


| to deploy them,” he said. 


The Mayo Clinic, which al- 
| ready uses Citrix for some of 


from Wirdows to StarOffice.” 
Prince, who uses StarOffice, said 
compatibility issues haven't been a 
problem for at least a year. But he 
sees no immediate business gain in 
forcing the company’s knowledge 
workers to make a switch to StarOf- 
fice on Linux. He said he’s convinced 
that it would save costs and stream- 
line support, but he would also 
“have people up in arms.” 
“Resistance is natural. People 
don't like change in their tools. Car- 
~ penters are used to their 
hammers,” Prince said. 
“You're not just going to 
go in and change these 
things unless you have 
something terrific to of- 
fer. For everything they 
give up, you have to offer 
some new thing that's 
appealing to them.” 
Prince said the main 
limitation of the Linux 


as part of a 


location, said 


plans to continue using Office 
as well, but if the clinic de- 
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desktop is the lack of consistency in 
the user interfaces produced by the 
various vendors and open-source 
camps. “It keeps it from catching 
on,” he said. 

The CIO said he expects his com- 
pany will always have some Win- 
dows desktops, but he plans to offer 
a non-Windows environment to his 
associates and pussibly switch 
some workers as they get new PCs. 

“To me, if the company were to 
completely change over to Linux, | 
think we would have an easier time 
in IT supporting everyone. There 
would be fewer viruses. There 
would be fewer things people would 
do to screw themselves up with 
their computers,” Prince said. “On 
the other hand, as an IT manager, 
that’s not a very big priority for me. 
| have enough major strategic is- 
sues to deal with. Changing desk- 
tops isn’t one of them.” 

- Carol Sliwa 
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PCs, Portals and PDAs 


i jobs, and an SAP client. 


Among the IT man- 
agers plotting their 
companies’ future 
desktop plans is 
Terry Phipps, C/O at Treviso, Italy- 
based clothier Benetton Group SpA. 
His company is two years into a four- 
year project to modernize its IT sys- 
tems. He recently discussed the initia- 
tive with reporter Patrick Thibodeau. 


Does your infrastructure upgrade 
extend to the desktop? What we 
are trying to do is go to an environ- 
ment where we have much less on 
the desktop. We would like to have 

a much lighter desktop environment, 
where we have a browser enterprise 
information portal, any specific tools 
that are required to do specialized 


Continued from page 7 

ploys Office only on desktops 
where it’s really needed, it 
could reduce the number of 
Office licenses by a third, said 
CIO John Cranmer. 

Although Sun says Star- 
Office is compatible with Mi- 
crosoft file formats, some IT 
managers remain concerned. 

“People who have struggled 
through the maturing of the 
Microsoft products, I think, 
are reluctant to go back to be- 





We are also extremely interested in 


; alternatives to Microsoft Office. I'm 

!_ positive that Microsoft Office has be- 

* come so incredibly bloated in terms of 
; arcane features that for the average 

' user, it's really no longer so very easy 

' to use. | don’t think people are inter- 

1 ested in software; | think people are in- 
; terested in the jobs they have do to. 


i What do you think about thin 

; Clients? We're interested in thin 

; Clients, that’s for sure. What interests 

1 me more than thin clients is a sort of 

; hub strategy. What the thin client 

i doesn't necessarily suggest to me is 

? the relationship between ahighde- ! 
' gree of user mobility and the network. 
t | think cheap and powerful PCs or 


ing in the minority again,” said 
Dennis Biederman, vice presi- 
dent of global IT services at 
APW Ltd., an electronics parts 
maker in Waukesha, Wis. 

And while there’s plenty of 
interest in Office alternatives, 
it’s not enough to prompt a 
switch for Cornell University’s 
S.C. Johnson Graduate School 
of Management. 

“As a business school, we 
can’t consider products that 
the companies who hire our 





! Macintoshes that are well integrated 

; and well synchronized with network 

i services and with mobile devices, like 
more powerful PDA/telephones, are 

: very interesting for us. 


Can a PDA/telephone provide 
; functionality that’s similar to that 


of a laptop? Things are clearly going 


‘ in that direction. People don't like to 
{ carry around ne things. 


a Microsoft 
Office has 
become so incredi- 


bly bloated. . . that 
for the average user, 
it’s really no longer 
so —_ — to use. 


students don’t use,” said Larry 
Fresinski, the school’s CIO. 
“We suspect that Office will 
be the mainstay for Fortune 
500 companies for some time 
to come. However, if there’s a 
shift, we would shift as well.” 

Some IT managers clearly 
prefer to control costs through 
improved desktop manage- 
ment rather than by moving to 
thin clients. 

Bruce Blitch, CIO at Tessen- 
derlo, Kerley Inc., a Phoenix- 


Overseas Users Pioneer Desktop Linux 


Sun Microsystems Inc. today is 
expected to announce the sale of 


10,000 seats of its StarOffice pro- 


ductivity suite to United India In- 
surance Co. in Chennai. It's Sun's 


largest StarOffice contract to date. 


Sun sees its desktop strategy, 
which includes its SunRay thin 


client, as a means to a very specif- 


ic end: more server sales. But the 


company expects most of its initial 


desktop business to come from 
overseas. 

“[Cost] sensitivity dictates that 
the majority of market opportuni- 


ties will be in geographies outside 


of North America,” said Jonathan 
Schwartz, executive vice president 
of software at Sun. 


+ Last month, Sun reached an 

* agreement to sell up to 1 million 

; seats of its Linux-based Java 

: Desktop System annually to the 

; China Standard Software Co., a 

i government-backed consortium 

; [Quicklink 42944]. And just last 

; week, the U.K. government signed 
' a five-year agreement with Sun to 
; evaluate the cost and usability of 


1 the Java Desktop System and Sun's 


: Java Enterprise System [QuickLink 
43385]. It is also testing open- 
source software from IBM. 

Scott Handy, vice president in 
charge of desktops at IBM, said 
U.S. businesses’ interest in Linux 


desktops is limited. That's partly be- 


cause software licensing fees rep- 


t resent only 20% of the total cost of # 
* ownership of desktops, he said, 


: which IBM estimates to be between } 
$5,000 and $7,000 per PC per year. * 
; short time. But next month Novell 


But Handy predicted a gradual 
movement to Web-based applica- 
tions deployed through portals. 
“We are multiple years into a 
decade-long shift” to using Inter- 
net-based technology as a more 


plication, he said, adding that a 
shift to server-based delivery of 
applications can cut the cost of a 
desktop in half. 

Sun expects the shift to be to- 
ward simplicity. Schwartz cited 
devices such as Java-enabled 
phones as an example and main- 
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based chemicals maker, is con- 
cerned about the performance 
of server-based computing 
with remote locations. Con- 
trolling desktop support costs 
is accomplished through 
“tyrannical control” of desk- 
top systems through the use 
of Windows 2000 lockdown 
policies that prevent users 
from installing applications 
on their PCs, he said. 

One problem facing thin- 
client adoption is user resis- 
tance. Jeff Skeen, CIO at Gold’s 
Gym International Inc. in Falls 
Church, Va., said 30 of the 
company’s 37 corporate-owned 
locations now run thin clients, 
and the remaining seven will 
be converted in March. He 
said over 650 franchisees will 
be offered the system in its 
current format in July. 

“The big challenge we have 
with the corporate staff is that 
employees are used to having 
their own way with their sys- 
tems,” Skeen said. “What 
we've tried to do is keep a real 
close eye on the administrative 
staff and how they’re using 
their PCs, so when we put the 
thin client in, it’s not a huge 
loss of freedom.” @ 43511 


MORE ONLINE 


ir Web site for comprehensive 


| coverage of desktop issues and strategies: 


QuickLink a3870 
www.computerworld.com 


i tained that ClOs want the same 
* kind of simplicity on their desk- 


; tops. “They want to reduce ex- 
penses; they want to manage it 
centrally,” he said. 

Sun has clearly emerged as a 
Linux desktop leader in a relatively 


Inc. is expected to finalize its pur- 


; chase of Linux vendor SUSE Linux 
; AG, amove that follows Novell's 
' August acquisition of Ximian Inc., 


which makes a Linux desktop en- 
vironment [QuickLink 42689}. 
Charlie Ungashick, director of 
product management and market- 
ing for Novell's Ximian Services 


+ group, said the company will focus 


on technical workstation users and 

inventory and point-of-sale work- 

ers - not the general office worker. 
~ Patrick Thibodeau 
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SOME USERS SAY 
PUM mem mets [tC] 
costs may be to out- 
source their desktop 
Tyee mM eit 6) 
or offshore providers. 

Last spring, Curtis 
Helsel, vice president 
of data and technology 
Re uae aL) 
University of Colorado 
Ua Celi 
PMU m lela motive 
for his Boulder-based 
Oye LE 

BURCH els] 
off 55 people, includ- 
em Pale cs eel} 
ee CUTS UCL CLE) 
in Helsel’s IT depart- 
eee ya al] 
plan to outsource much 
of the organization's IT 
infrastructure to San 
Jose-based Center- 
eT m lee 

eer Crest sretu picts 
Peterlee clea 
in Saint John, New 
Brunswick, to manage 
iMac Mm Clary 
and backups and to 
DeWeese (ob 
ment. Local Boulder 
contractors hired 
through CenterBeam 
PEL caer emi pte.) 
hardware problems, 
but for everything else, 
users turn to the help 
OC a laciilae 

mest url Gsy 
savings to the founda- 
tion of about 35% to 
40%, most of it in 
salary costs. 

Returning to in- 
Tre) le mam T | 
be extremely expensive 
for us,” he said. “There 
Pe Wer eum ra Cy 
FCM MOR UCR tg 
the long term.” 

~ Patrick Thibodeau 
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Board Raps CSC, 
IRS Over IT Delays 


The U.S. Internal Revenue Ser- 
vice’s oversight board said Com- 
puter Sciences Corp. should be 
replaced as lead contractor on 

a $1.35 billion IT modernization 
project at the agency if delays 
and cost overruns aren’t resolved 
soon. But the board also faulted 
the IRS for poor governance of 
the project. A spokesman for El 
Segundo, Calif.-based CSC said 
the vendor team it leads “is mak- 
ing considerable progress.” 


Los Alamos Can’t 
Locate Data Disks 


The Los Alamos National Labora- 
tory said it can’t account for a 
high-capacity storage disk and 
nine floppy disks following an in- 
ventory of classified materials 
that was done on Dec. 4. Offi- 
cials at the New Mexico-based 
lab said the disks wouldn't jeop- 
ardize national security and like- 
ly were destroyed as part of its 
routine procedures. But the lab 
is retraining workers to ensure 
that they document the destruc- 
tion of disks. 


Peregrine Delays 
Its Financial Filings 


Software vendor Peregrine Sys- 
tems Inc., which emerged from 
bankruptcy protection in August, 
has delayed the scheduled filing 
of financial reports for its last 
fiscal year and the first half of its 
current one. The San Diego- 
based company said it’s taking 
longer than expected to account 
for restructuring moves made 
during fiscal 2003. 


Short Takes 


The U.K.’s Inland Revenue 
agency chose CAP GEMINI ERNST 
& YOUNG over incumbents Elec- 
tronic Data Systems Corp. and 
Accenture Ltd. for a 10-year out- 
sourcing deal worth $5.2 billion. 
. .. JOHN SIDGMORE, former 
chairman and CEO of WorldCom 
Inc., died at the age of 52. 


NEWS 


MARK HALL ®ON THE MARK 


Major Rev Under Way 
For Open-Source ... 


... Web site content management application, says the lead developer, 
David Wheeler, who also happens to be president of Kineticode Inc., a 
San Francisco start-up. Bricolage, as the open-source app is called, “is 
going through a major rewrite and being rearchitected,” he says. The 
reason? Increased modularity and to give a jolt to performance. There will 
also be improved integration with XML and a centralized database, 


which is now the open-source Postgres. 
But support will be added for MySQL, 
which is also open-source. You might 
think only small-time users bother with 
Bricolage, especially since Wheeler’s 
customers routinely ask for and then 
fund the development and changes 

that everyone else then benefits from. 
Where’s the competitive advantage? 
Well, he claims, effective management of 
Web site content shouldn’t be considered 
a core competency for IT 
pros, so they shouldn’t 

care. The most important 
competitive advantage, 
Wheeler says, “is not paying 
six-figure licensing fees to 
Vignette.” That notion has 
appealed to RAND Corp., 
Entertainment Tonight and 
Portugal Telecom SGPS SA. 
Even the Dean for America 
presidential campaign voted 
for Bricolage. But Wheeler 
is unsure exactly when Ver- 
sion 2.0 will finally hit the 
streets. That’s probably be- 
cause he’s putting the fin- 
ishing touches on the 1.8 up- 


Tn nee 
Calif., today ships Kana 
Response 8, which joins 
the J2EE-based Kana 
eee CRM OU RT lem 
The third tool developed 
OSC ele cece 
Response 8 uses intelli- 
gent agents to automati- 
Pr NMe RRM Cll -g 
queries and has specific 
features for vertical mar- 
kets such as health care 
EUR meu erie 


grade to be released by the end of this 
month. It will include the ability to cen- 
traily manage multiple sites while main- 
taining individual workflows and doc- 
ument types for each site. And you 
thought you were busy. ® If you’ve been 
paying attention to trends in antispam, anti- 
virus and content-filtering technologies, 
you've probably noticed that discrete 
products are increasingly being delivered 
as packages that allow corporate policies 
to be applied from a single 
management console. Matt 
Dirks, NetIQ Corp.’s vice 
president for management 
security products, notes 
that point products for se- 
cure messaging are becom- 
ing less interesting to IT 
managers. In the coming 
year, you can expect to see 
some changes in that re- 
gard for the San Jose-based 
company’s VigilEnt, Mail- 
Marshall and other prod- 
ucts. Although Dirks de- 
clined to say when or how 
the changes will occur, he 
did say a rebranding effort 
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will commence in 2004. Expect to see 
MailMarshall and others to be thrown in the 
slammer and replaced by the more vanilla 
“NetIQ antispam” and the like. ® Eric 
Hahn, chairman of Proofpoint Inc. in Cu- 
pertino, Calif., believes NetIQ has some 
catching up to do, since his company’s 
Proofpoint Protection Server already is a 
uniformly named antispam, antivirus and 
content filtering rolled into a single poli- 
cy-based application. But Hahn is less in- 
terested in bashing the competition than in 
knocking recent antispam efforts by politicians 
and Microsoft. He labels new federal anti- 
spam legislation “a recipe for disaster” 
because it encourages the spammee to 
ask the spammer to remove him from a 
list. (Yeah, right.) And he’s suspicious of 
Microsoft’s recent announcements about 
adding what he calls “very good” anti- 
spam features to Outlook and Exchange. 
“They’re using an antispam message just 
to sell more software,” he concludes. 
Tom Detmer, CEO of CenterStone Tech- 
nologies Inc. in Denver, says his company 
is getting a lovely holiday gift from venture 
capitalists that will approach $3 million. And 
what will the retail supply chain applica- 
tion service provider do with the dough? 
One key development will be integration 
of its Buyer’s Page online application 
with leading point-of-sale (POS) pro- 
grams, starting in February with Retail 
Pro POS from Retail Technologies Inter- 
national Inc. in Folsom, Calif. Detmer 
claims Retail Pro has 30% of the POS 
market share in the 10,000 or more sport- 
ing-goods stores in the U.S. Users of 
Fountain Valley, Calif.-based Cam Com- 
merce Solutions Inc.’s POS tools will be 
next in line. And later in 2004, Detmer 
says, a few of the VCs’ bucks will be ex- 
changed for euros when CenterStone local- 
izes its software for the booming Euro- 
pean market. 43492 





Government Gets Low Cybersecurity Grades 


last December by the Federal 
Information Security Manage- 
ment Act. The key change 





BY DAN VERTON 
WASHINGTON 

Congress last week slapped 
federal agencies with an over- 
all dismally low grade in cyber- 
security. But some government 
and industry executives are 
calling this year’s report card a 
success and a potential turning 


| point in security preparedness. 


Despite the government’s 
overall grade of D+ — and the 
F given to the Department of 
Homeland Security — by the 
House Government Affairs 
subcommittee on technology 
policy [QuickLink 43439], gov- 





ernment and industry officials 
praised work being done by at 
least two agencies and said 
regulatory changes could lead 
to improvements in 2004. 

The biggest news in the re- 
port card, said Alan Paller, 
director of the SANS Institute 
in Bethesda, Md., was the D+ 
given to the U.S. Department 
of Transportation. Compared 
with last year, the DOT im- 
proved its numeric score and 
its overall letter grade dramati- 
cally — from 28 to 69 and from 
an F to a D+ — because it de- 
veloped a method for conduct- 





ing systems certification and 
accreditation (C&A) in a cost- 
effective and efficient manner. 
The DOT got the idea from the 
U.S. Nuclear Regulatory Com- 
mission, which earned a grade 
of A this year. 

“While other agencies spend 
$25,000 to $100,000 per system 
for doing C&A on low-risk sys- 
tems, Transportation got the 
cost down below $5,500,” said 
Paller. 

Another major development 
likely to be reflected in next 
year’s report card arises from 
regulatory changes introduced 





was a requirement that each 
government agency develop 
its own systems configuration 
guidelines with specific secu- 
rity settings and patch man- 
agement processes. 

Paller said the FISMA re- 
quirement will likely push 
more agencies to demand 
more secure software from the 
vendor community. @ 43526 


MORE ONLINE 


For an expanded version of this story, visit 
our Web site: 


QuickLink 43487 
www.computerworld.com 
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HP. Standing at the forefront 
of the Linux revolution. 


Linux is all about open solutions. 

And so-is HP. So, naturally, HP has 
emerged as the worldwide leader in 
Linux solutions. By focusing on the 
key strength of Linux—open system 
environments —HP has been solving 
real business:problems for more 
customers than anyone for 18 
quarters running. With HP hardware, 
software and over 4,000 Linux 
Cala M341 -io(e VM OM la (Mel 
rol oR MAM MAL) acolo (18 
And the ones you should call 

to make even your 
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applications 

2 easier to manage 

at lower costs. 

Demand more. Demand HP for Linux. 


“To see what HP and Linux can do for 


Wem Meme me eRes ates 
at www.hp.com/go/demandlinux. 
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IBM, Rational Reach Common 
Ground at the One-Year Mark 


Integration efforts 
move forward as 
company builds on 
Eclipse framework 


BY CAROL SLIWA 
LEXINGTON, MASS 
NTEGRATION efforts re- 
mained a work in prog- 
ress as IBM marked the 
one-year anniversary 
of its acquisition of Rational 
Software Corp. here last week. 
But the company showed signs 
that it’s making headway. 

Its newly consolidated 
developerWorks Web site, 
launched last week, will give 
the Rational pages the same 
look and feel as those display- 
ing content for IBM’s other 
software product lines. 

IBM also plans to expand its 
developer outreach programs 
next year by increasing the 
number of technical events it 
stages from 120 last year to 
400 next year, said Buell Dun- 
can, general manager of devel- 
oper relations at IBM. 





Duncan also said Rational’s 
user conference will be folded 
into IBM’s developerWorks 
Live conference next year “be- 
cause Rational is the lead in- 
side of IBM for the efforts as 
we drive this IBM software 
development platform.” 

Executives outlined how the 
company will continue its 
long-term effort to move to a 
common architecture across 
all of IBM’s software products, 
including the Rational devel- 
opment tools. To that end, 
IBM is using its Eclipse open- 
source development frame- 
work to give developers a 
common interface for its tools. 

“We were a business partner 
with IBM for many years be- 
fore joining IBM, so we had 
already made considerable 
progress integrating our prod- 
ucts,” said Mike Devlin, the for- 
mer CEO of Rational and now 
general manager of IBM’s Ra- 
tional software business unit. 
“But now we're really acceler- 
ating that.” 

The merger is working out 





IBM's Rational Division 


: YEAR 1 


IBM announced on Dec. 6, 2002, that it would acquire Rational Software. 
Here are some of the highlights of Rational’s first year in the IBM fold: 


FEBRUARY: IBM completes $2.1 billion acquisition of Rational. 
MAY: Released two new products - IBM Rational Rapid Developer tool and 


IBM XDE Tester; updated IBM Rational Suite, XDE Developer Plus; added 
customization and configuration features to IBM Rational Unified Process. 


OCTOBER: Pretend tool set code-named Stinger, which will allow develop- 
ers to write Windows applications for DB2 and integrate XDE Developer data 


SOURCE: IBM 


well for customers such as 
John Pritchard, a software 
architect at Lockheed Martin 
Corp.’s Integrated Systems 
and Solutions unit in Col- 
orado Springs. Lockheed is 
an IBM hardware customer, 
and Pritchard’s group uses 
IBM’s WebSphere application 
server and integrated devel- 


| opment environment, as well 


as Rational modeling and test- 
ing tools. 
Pritchard said that in the 


IBM to Release WebSphere Updates 


IBM this week plans to release an 
update to its WebSphere applica- 
tion server that adds support for 
some of the latest Java technolo- 
gies and for a proposed standard 
to ease the building of user inter- 
faces for Web applications. 
WebSphere Application Serv- 
er 5.1 will include support for 
dava 2 Standard Edition 1.4.1 - 
also known as Java Develop- 
ment Kit (JDK) 1.4 - and im- 
provements in the areas of secu- 
rity, XML and debugging, said 
Bob Sutor, IBM's director of 
WebSphere integration software. 
Sutor said the new version 
will also add beta support for 
JavaServer Faces, a proposed 
standard being developed 
through the Java Community 
Process, an organization that 
Sun Microsystems Inc. estab- 
lished to evolve Java technol- 


ogy. Using the programming 
model that JavaServer Faces 
defines, developers can assem- 
ble reusable interface compo- 
nents in a Web page and con- 
nect them to data sources. 

“It makes it much, much easi- 
er to deploy very rich applica- 
tions yet still have them server- 
based,” said Sutor. He added 
that the JavaServer Faces stan- 
dard is expected to be finalized 
next quarter and that he doesn’t 
anticipate substantial changes. 

On Dec. 30, IBM plans to re- 
lease an update to the accompa- 
nying WebSphere Studio Appli- 
cation Developer tool set to sup- 
port JDK 1.4 and JavaServer 
Faces. Sutor said the 5.11 release 
will give developers a pallet of 
controls that they can drag and 
drop, and the means to make 
easy connections to databases. 


in the new application server 
and tool releases, IBM will also 
provide early support for Service 
Data Objects, a specification 
that describes a simple, unified 
programming model for data ac- 
cess to heterogeneous systems. 
IBM and rival BEA Systems Inc. 
submitted the proposal to the 
Java Community Process earlier 
this month. The result of a vote 
to determine whether the speci- 
fication has been accepted is 
due tomorrow. 

Sutor last week disclosed the 
road map for the next major re- 
lease of WebSphere. He said 
IBM expects to start delivering 
Version 6.0 in the second half of 
next year. That release will fea- 
ture support for J2EE 1.4 and 
performance and usability im- 
provements, Sutor said. 

~ Carol Sliwa 





DECEMBER: Embedded IBM Rational Robot into IBM Tivoli monitoring 
software to capture end-user view of transactions by simulating behaviors. 


past, the group had to go 
through the integration proc- 
ess to get the code generated 
by Rational’s Rose modeling 
tool imported into the Web- 
Sphere Studio Application 
Developer. 

“Now they’re doing that, 
and it allows us to focus on 
developing a system,” he said, 
adding that the next step will 
be to move to the newer Ra- 
tional XDE modeling tool, 
which is more tightly integrat- 
ed with WebSphere Studio. 


One Window 


Now that Rational’s Purify 
testing tools are integrated 
into WebSphere Studio, devel- 
opers no longer have to export 
files from Studio to Purify and 
close down one tool to work 
in the other, Pritchard added. 
Instead, they can work with a 
single window open. 

“T think these are things 
we would probably have seen 
anyway, but they just come out 
faster now,” he said. “You'll see 
an IBM update of a product, 
and they’ve got a bunch of Ra- 
tional integrations with that.” 

Pritchard said he also would 
like developers, testers and 
product managers who use 
different IBM and Rational 
tools to be able to look at a 
common interface when they 
work. He said that Eclipse is 
geared toward developers and 
has added modeling. 

Eric Schurr, vice president 
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of marketing in the Rational 
division, said the company not 
only will continue to work on 
integrating products that cur- 
rently can’t share a common 
user interface, but it will also 
tighten integration among 
products that have already 
been integrated through the 
Eclipse framework. 

Schurr said WebSphere Stu- 
dio Application Developer 
features a Unified Modeling 
Language visualizer that was 
jointly built by the WebSphere 
and Rational teams. But he 
said Rational’s XDE modeling 
tool will be more tightly inte- 
grated in the future. 

The same is true of IBM’s 
Tivoli performance monitor- 
ing tool, Schurr added. So 
far, the Rational Robot auto- 
mated testing playback tech- 
nology has been integrated, 
he noted. 

The Rational Unified Proc- 
ess (RUP), a set of best prac- 
tices for developing software, 
was updated to be more com- 
ponentized and customizable. 
Schurr said that in the future, 
RUP will add content from 
the Summit methodology that 
was obtained through IBM’s 
acquisition of PwC Consulting 
last year. 

But Mark Driver, a Gartner 
Inc. analyst, said that although 
some of his clients are seeing 
value from the broader range 
of developer products that 
IBM now offers thanks to the 
Rational acquisition, other 
users are concerned about 
the Rational division’s sup- 
port for non-IBM products 
like Microsoft Corp.’s .Net 
technologies. 

Driver said he thinks some 
users may stop using Rational 
tools as Microsoft starts to of- 
fer tools that are more com- 
petitive with Rational’s devel- 
opment life-cycle products. 

Rational executives insisted 
that they will continue to sup- 
port the .Net development en- 
vironment. And Devlin said he 
anticipates that Rational tools 
eventually will let developers 
build service-oriented archi- 
tectures with a common set of 
modeling and testing tools, 
even if some services are .Net- 
based and others are J2EE- 
based. @ 43519 
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Superheroes have x-ray vision. IT managers have OpenView. 


HP’s IT service management solutions let you see how each event affects your services so you can apply your resources 
more intelligently. You're spending up to 80% of your budget maintaining your current IT operations, and they’re demanding that you cut costs? This 
sounds like a job for HP. Our OpenView management software gives you the power to see your entire infrastructure at a glance and to control it from a services 
level. The results are, well, super. In an IDC study, enterprise customers who used OpenView software cut management time in half while increasing server 


availability by 79%: Wouldn't you like to have that capability in your utility belt? 


HP OPENVIEW The return on investment gains after implementing 


HP OpenView management software is 


MANAGEMENT f§ unmatched in the industry: 


SOFTWARE IT Productivity (time for task) improved by 54% 


49% reduction in time to identify and fix 


| downtime incidents 
j 


79% reduction in server downtime 





To see how well HP OpenView solutions have performed for customers, get their case studies 
at www.hp.com/go/superhero, or call 866-476-3331. 


© 2003 Hewlett-Packard Development Company, L.P. “IDC Whitepaper, Turning /T Overhead into Business Value by Improving Infrastructure Management 
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IBM Wins Two Big 
IT Deals in Europe 


IBM announced outsourcing con- 
tracts with two companies based 
in Europe. It will manage the IT in- 
frastructure of tire maker Michelin 
in Europe and North America un- 
der an eight-year deal worth $1.2 
billion. About 600 Michelin work- 
ers are due to transfer to IBM. The 
other deal calls for IBM to manage 
about 65,000 desktop and laptop 
PCs for insurer Zurich Financial 
Services. Zurich will transfer 470 
employees to IBM and pay a us- 
age-based monthly fee. 


Microsoft Belatedly 
Delivers Patch . . . 


A glitch in Microsoft Corp.’s Win- 
dows Update service caused a se- 
curity fix that was supposed to 
have been sent to users last 
month to be delivered on Dec. 9 - 
the same day Microsoft said it 
wouldn’t release a monthly set of 
patches during December. The 
patch is for FrontPage Server Ex- 
tensions, a group of Web site 
management tools. [Go online for 
more details: QuickLink 43475]. 


... And Says It Will 
Drop Some Products 


In other news, Microsoft said it 
will stop selling Office 2000, SQL 
Server 7, most versions of Win- 
dows 98 and various other prod- 
ucts on Dec. 23. The sales cutoff 
is part of the deal that the compa- 
ny signed with Sun Microsystems 
Inc. in 2001 to settle a legal dis- 
pute over Java. Microsoft had said 
it would retire the products today 
but extended the deadline to allow 
more time for final downloads. 


Short Takes 


THE SCO GROUP INC. said its Web 
site as well as its e-mail and cus- 
tomer support systems were dis- 
rupted by a denial-of-service at- 
tack that began last Wednesday. 

. .. AT&T CORP. said it will begin 
offering a full set of voice-over-IP 
services to corporate users next 
year. 
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Some IT Execs Are Excluded 
From Sarbanes-Oxley Planning 


Survey finds some firms aren’t putting 
tech managers on steering committees 





BY THOMAS HOFFMAN 
XECUTIVES AT some 
companies that are 
addressing the re- 
quirements of the Sar- 

banes-Oxley Act say they 

were quick to involve IT man- 
agers in their compliance ef- 
forts. But that’s not happening 
universally, according to a re- 
port being released tomorrow. 
Many companies are leaving 

IT executives off of their Sar- 

banes-Oxley compliance steer- 

ing committees, The Hackett 

Group found. For example, six 

of 18 businesses that have set 


| up such committees said in an 


October survey conducted by 
the Atlanta-based consulting 
firm that there are no IT rep- 
resentatives on their panels. 
Hackett surveyed 22 compa- 
nies, four of which said they 
had yet to form compliance 
committees to oversee proj- 
ects related to Section 404 of 
Sarbanes-Oxley. That section 
requires publicly held compa- 
nies to conduct annual evalua- 
tions of their financial report- 
ing controls and procedures. 
Allan Frank, president of 
Answerthink Inc., Hackett’s 
parent company, acknowl- 
edged that the survey’s sample 


| size was small. But he said the 


results map with anecdotal ev- 
idence that the firm is seeing 
among its clients. 

Some companies “perceive 
[Sarbanes-Oxley] as a finance 
issue, or they might not be far 
enough along for the light bulb 
to go off,” Frank said, referring 
to the recognition that it’s vital 
to include IT managers in the 
planning stages of projects. 


Inclusive Policies 

The EW. Scripps Co. came to 
that conclusion quickly, said 
Oscar de Jongh, managing di- 
rector of the project manage- 
ment office at the Cincinnati- 
based media conglomerate. 


Scripps recently hired a new 
chief financial officer and pro- 
| moted the controller of its IT 
department to corporate con- 
troller. Those two executives 
“have brought in a lot of par- 
ticipation from the IT group” 
on the company’s Sarbanes- 
Oxley project, de Jongh said. 
He added that Scripps’ com- 
pliance steering committee in- 
cludes the company’s chief 
technology officer in addition 
to the CFO, chief operating of- 
ficer and business unit leaders. 

Mark Nagelvoort, vice presi- 
dent and internal control man- 
ager at Hudson United Bank 





in Mahwah, NJ., said he has 
included an executive who’s in 
charge of IT and operations 
such as cash management and 
branch administration in all 
facets of the bank’s Sarbanes- 
Oxley compliance planning. 

The executive’s dual role 
makes him “the most knowl- 
edgeable senior officer in 
terms of Sarbanes” at the bank, 
a subsidiary of Hudson United 
Bancorp, Nagelvoort said. 

But Bill Gaylord, vice presi- 
dent of market development at 
Hyperion Solutions Inc. in 
Sunnyvale, Calif., agreed with 
Hackett’s finding that IT rep- 
resentation on Sarbanes-Oxley 
committees isn’t a sure thing. 
“It’s fairly mixed,” Gaylord 
said. He added that the first 





Compliance 
Projects 
Which departments are 


represented on your Section 
404 steering committee? 


roa 


Base: Finance executives at 18 large 
companies who were surveyed in October; 
four others said they hadn't yet set up 
steering committees. 

SOURCE: THE HACKETT GROUP. ATLANTA 


step in compliance efforts 
should be to assess the new 
internal procedures that are 
needed and then determine 
what kind of system changes 
will be required. @ 43530 





CEO says goal is to 


BY STACY COWLEY AND 
PATRICK THIBODEAU 
Hewlett-Packard Co. last week 
announced a corporate re- 
structuring, merging its enter- 
prise hardware and software 
unit with its services group to 
form one division called the 
Technology Solutions Group. 

The move is intended to 
unify HP’s sales teams in their 
approach to large corporate 
accounts, CEO Carly Fiorina 
said during an HP meeting 
with financial analysts in New 
York. The changes began in 
June and will be fi- 
nalized in mid-2004, 
she said. HP plans to 
continue breaking 
hardware, software 
and services revenue 
out separately in its 
financial reports. 

“We don’t expect 
undue disruption. 
This has been part of 
the path we’ve been 
on for some time,” 








) ma Mella 
expect undue dis- 
ruption” to follow 
film acta eile 


Fiorina said. 

Ronald Evans, head of the 
94,000-member Interex HP 
user group in Sunnyvale, Calif., 
said combining the services 
and product groups should 
improve customer support. 

“Tt can’t but help in provid- 
ing better communications 
with the customers,” Evans 
said. “You are putting all the 
systems, software and services 
at their disposal through one 
operation.” 

In a memo to HP employees 
last week, Fiorina detailed the 
management changes, which 
include putting Ann Liver- 
more, who heads the services 
division, in charge of the new 

» business group. Pe- 
ter Blackmore, who 
headed the enter- 
prise systems divi- 
sion, will manage 
sales. In her memo, 
Fiorina said the 
change is a “more 
holistic grouping 
that allows us to sim- 
plify our manage- 
ment structure.” 

Evans praised Liv- 





HP Reorg Unites Products, Services 


ermore as having a “very good 
level of experience in making 
organizations pull together.” 
Analysts said the restructur- 
ing may make HP staff more 
likely to recommend HP prod- 
ucts over those of third par- 
ties. It “will certainly have a 
strong tendency to make the 
services more HP product- 
centric,” said Gordon Haff, an 
analyst at Illuminata Inc. 
HP made the announcement 
a day after saying it would 
merge its global operations 
and IT divisions. Longtime HP 
employee Gilles Bouchard will 
run that group and assume the 
title of CIO [QuickLink 43397]. 
Fiorina cast that IT consoli- 
dation as a sign of the compa- 
ny practicing what it preaches. 
“We’re combining our 
global operations and our IT 
functions because we know 
that driving process improve- 
ments and IT together is the 
way to continue to make the 
most rapid progress,” she said. 
@ 43524 


Cowley writes for the IDG 
News Service. 
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Stuart Anderson, executive di- 
rector of the recently formed 
National Foundation for 
American Policy in Arlington, 
Va. Anderson, a former Senate 
staffer on the Immigration 
Subcommittee, called the 
growing number of bills relat- 
ed to offshore outsourcing 
“creeping protectionism.” 

But many IT workers who 
have lost their jobs as a result 
of offshore outsourcing, such 
as William Stolting, a former 
director of technology for a 
major financial services firm 
in New York, stress that law- 
makers need to take action to 
help people in their position. 

One step legislators can 
take is to ensure that govern- 
ment contract work remains 
in the U.S., even if it costs tax- 
payers “an extra dollar,” Stolt- 
ing said. “I think people un- 
derstand there is cost involved 
with being a citizen and pro- 
tecting what we have here.” 

In a Capitol Hill forum on 
offshore outsourcing Thurs- 
day, Rolf Lundberg, a senior 
vice president at the U.S. 
Chamber of Commerce, said 
legislation that seeks to im- 
pede offshore outsourcing 
“will undermine efforts to 
open new markets overseas” 
and invite “some form of re- 
sponse and retaliation” by for- 
eign nations. 

Lundberg and representa- 
tives of other trade groups ar- 
gue the U.S. job protectionism 
prevents companies from in- 
vesting in new areas and ulti- 
mately hurts innovation and 
job growth. 


New Activists 
But those arguments won’t 
stop the efforts of workers 
who have lost their jobs. IT ac- 
tivists such as James Pace, leg- 
islative director for the Rescue 
American Jobs Foundation in 
Mesa, Ariz., said IT profes- 
sionals are beginning to get in- 
volved with groups represent- 
ing blue-collar workers. “We 
are trying to make this as big 
an issue as we can,” he said. 

In addition to setting re- 
strictions on call centers, 





some bills seek to make it 
mandatory for government 
contracts to be awarded only 
to U.S. citizens, and others aim 
to set limits on the use of visas 
such as the L-l, which is used 
by companies to transfer em- 
ployees from other countries 
into the U.S. 

Among the supporters of 


| those efforts is Bob Baugh, ex- 


ecutive director of the AFL- 
CIO Industrial Union Council. 
“Anything in the digital age 
that can be moved ... will be 
moved,” he said. 

Erica Groshen, an assistant 
vice president at the Federal 
Reserve Bank of New York, 
said the U.S. is in a recovery 
with respect to output, “but 
we’re not in a recovery in 
terms of jobs.” 

Still, Groshen said she does- 
n’t consider the movement of 
jobs overseas to be negative 
for the U.S. economy, because 


NEWS 


REL RE ROL NE RR 
New Protectionism? 


Examples of legislation seeking to restrict offshore work: 


CONGRESS 


= A bill sponsored by Sens. Craig Thomas (R-Wyo.) and George 
Voinovich (R-Ohio) would prohibit contractors from performing work 


outside the U.S. 


w Sen. Christopher Dodd (D-Conn.) and Rep. Nancy Johnson 
(R-Conn.) have introduced bills in their respective chambers that would 


restrict use of the L-1 visa. 


STATE LEGISLATURES 


w Indiana: A bill would require that government contracts be awarded 
only to U.S. citizens or people authorized to work in the U.S. 


w North Carolina: Legislation would require a call center operator to 


disclose his location upon request. 





the country’s competitive ad- 
vantage is its ability to inno- 
vate. “Constantly shipping 
jobs abroad signals our suc- 
cess as innovators,” she said. 
Robert Atkinson, senior vice 


| president of the Progressive 


Policy Institute in Washing- 
ton, said there are policy 
changes the government can 
make to help the IT industry. 
He cited examples such as in- 
vesting in IT projects, boost- 
ing training and giving affect- 


www.computerworld.com 


ed workers the tools they need 
to adjust to the new environ- 
ment, including assistance 
with medical coverage and 
expanded unemployment in- 
surance. 

Jeff Lande, a vice president 
of the Information Technology 
Association of America, an in- 
dustry trade group in Arling- 
ton, Va., said there are limits 
to what can be outsourced. For 
instance, eight out of 10 IT 
workers are employed by 
small companies that don’t 
have the scale or capacity to 
send work offshore, he said. 

More than 500,000 jobs, by 
some estimates, have been 
moved to India. But Lande said 
improvements in the standards 
of living in other countries en- 
able their consumers can buy 
more products. 

“This is a battle that’s going 
to be won on innovation and 
quality,” Lande said. @ 43520 





Zero-Day 


tacks could wreak. 

“I’m very concerned about 
it,” said Joseph Inhoff, LAN 
administrator at Lutron Elec- 
tronics Co., a maker of lighting 
equipment in Coopersburg, 
Pa. Because zero-day attacks 
seek to exploit security holes 
in software products before 
vendors can plug them, the 
potential for damage is some- 
thing that Lutron’s manage- 
ment is especially worried 
about, Inhoff said. 

Inhoff attended the InfoSec 
show to see how automated 
patching software could help 
his company respond to zero- 
day attacks once patches are 
released by vendors. “I’m try- 
ing to figure out what I can do 
about it,” he said. 

No major zero-day attacks 
have been launched so far. But 
IT managers probably won’t 
have the luxury of being able 
to put off needed security im- 
provements for long, warned 
Mary Ann Davidson, chief se- 
curity officer at Oracle Corp. 

Malicious hackers are get- 
ting much better and faster at 
exploiting software flaws, 
Davidson said during a panel 





discussion. Last summer’s 
Blaster worm, which was one 
of the most virulent and wide- 
spread ever, hit the Internet 
barely one month after Micro- 
soft Corp. issued a patch for 
the Windows flaw that the at- 
tack exploited. A variant of 
Blaster called Nachi struck 
less than a week later. By com- 
parison, last January’s SQL 
Slammer worm didn’t appear 
until eight months after the 
discovery of the SQL Server 
database vulnerability it took 
advantage of. 

“You can see that the time 
lines are collapsing,” Davidson 
said. The trend suggests that 
it’s only a matter of time be- 
fore users start seeing attacks 
against flaws that haven’t yet 
been disclosed, or ones for 
which patches haven’t yet 
been released, she added. 

The number of new vulner- 
abilities and exploits surfacing 
on IT security discussion fo- 
rums and mailing lists are an- 
other indication that such at- 
tacks aren’t far off, said Todd 
Kunkel, network system secu- 
rity administrator at Adelphi 
University in Garden City, N-Y. 

Kunkel monitors discussion 
forums on a daily basis to try 
to keep abreast of new securi- 
ty threats and determine 





whether work-arounds are 
possible before attackers ex- 
ploit the flaws. “I try to find 
out if there’s anything that I 
need to worry about and see 
how I can go about fixing it,” 
he said. 

The relatively glacial pace 
at which some companies 
patch their systems against se- 
curity holes makes them at- 
tractive targets for zero-day 
attacks as well as conventional 
ones, said Gerhard Eschel- 
beck, chief technology officer 
at Qualys Inc., a Redwood 
Shores, Calif.-based company 
that provides vulnerability as- 
sessment services. 





Every three months, Qualys 
performs more than 1 million 
vulnerability scans on behalf 
of 1,300 clients and “several 
thousand” prospects, Eschel- 
beck said. He noted that one 
scan done last month identi- 
fied more than 12,000 systems 
that were vulnerable to a Win- 
dows remote procedure call 
flaw for which no patches 
were available at the time. 

The consequences of zero- 
day attacks are “potentially 
devastating” for companies 
that haven’t developed plans 
for rapidly responding to 
them, said Dennis Brouwer, a 
senior vice president at Dub- 
lin, Ohio-based SmartPipes 
Inc., a provider of managed 
network services. 

The only option that IT 
managers may have if they are 
caught unprepared by an at- 
tack is to shut down their sys- 
tems and restart, Brouwer 
said. “It’s almost like the re- 
sponse after 9/11,” he noted. 
“The first thing you do is to 
get all your airplanes on the 
ground.” @ 43525 


Technology details aren't the only thing to 

worry about regarding IT security: 

Qe QuickLink 43527 
www.computerworld.com 
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C&W Users Relieved by 


Deal to Sell U.S. Unit 


Turnaround firm 
agrees to buy Web 
hosting operations 


BY TODD R. WEISS 
Cable & Wireless PLC last 
week said it has found a buyer 
for its U.S. Web hosting opera- 
tions, giving a sense of relief 
to some corporate users who 
have stuck with C&W Ameri- 
ca since the unit was put up 
for sale in June. 

The agreement to sell C&W 
America to turnaround invest- 
ment firm Gores Technology 
Group LLC “seems to bring 
some uncertainty to an end,” 
said Ron Pellowe, director of 





systems and networks at 
EquipNet Direct Inc. in Brain- 
tree, Mass. “It puts a much 
stronger financial backer be- 
hind them.” 

Pellowe said EquipNet, 
which runs an online market- 
place for surplus industrial 
equipment, considered 
switching to a new hosting 
provider when London-based 
C&W made big cutbacks in 
the U.S. late last year and 
announced its pullout plans 
[QuickLink 38994]. But Equip- 


| Net decided to stay the course 
| with C&W America. 


“We felt the data centers 
were fairly stable, even though 


| the company was having 


NEWS 


changes,” Pellowe said. He 
added, though, that he needs 
to hear promises from Gores 
officials that they won’t close 
any more of C&W America’s 
hosting facilities. 

The Reston, Va.-based U.S. 
unit has shut down eight data 
centers this year, leaving 15 
still operating. A C&W Ameri- 
ca spokesman said no addi- 
tional closings are planned but 
added that nothing will be 
ruled out once Gores becomes 
the owner. In the meantime, 
C&W America will take other 
cost-cutting actions, including 
a network consolidation and 
renegotiations of contracts. 

The sale to Los Angeles- 
based Gores is expected to be 
completed by February. Gores 
will pay up to $125 million for 
C&W America, depending on 
future business performance. 
| By comparison, C&W paid 








C&W America 


® Filed for Chapter 11 bank- 
ruptcy protection to help facili- 
tate the deal with Gores. 

® Said C&W PLC will provide 
up to $100 million in financing 
to help fund operations until 
the sale is completed. 

@ Has hired two consultants to 
serve as its CEO and CFO until 
Gores takes control. 


$575 million and assumed $180 
million worth of liabilities 
when it bought the U.S. data 
centers and some overseas fa- 
cilities from Exodus Commu- 
nications Inc. in early 2002. 
Steve Wigginton, vice presi- 
dent of marketing, operations 
and development at Neoforma 
Inc. in San Jose, said he hasn’t 
had any problems with C&W 





www.computerworld.com 


America’s hosting services. 
“We're certainly happy to see 
what looks like a favorable 
resolution,” said Wigginton, 
whose company develops sup- 
ply chain systems and online 
marketplaces for hospitals and 
suppliers of medical products. 
Rick Thimble, IT manager 
for the U.S. and Europe at 
plastic parts maker Moldflow 
Corp. in Wayland, Mass., said 
he also is happy with C&W 
America’s performance and 
hopes to maintain his relation- 
ship with the hosting provider. 
But Sean Armstrong, senior 
Internet manager at Network 
Intelligence Corp. in Walpole, 
Mass., said his company began 
shopping for a new hosting 
vendor late last year and re- 
cently signed a contract with 
AT&T Corp. “We were sick 
of the uncertainty,” he said. 
@ 43474 
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OPINICN 


MARYFRAN JOHNSON 


Colliding With Customers 


HEN DELL YANKED its corporate 
PC tech support out of India and 
brought it back to U.S. soil recently, 
the move snapped a lot of people to 
attention. And no wonder. Here’s one of the indus- 


try’s most hyperefficient, 
cost-conscious vendors 
abandoning — at least for 
now — a cheaper offshore 
alternative because of 
customer complaints 
about poor service. 

In our front-page story 
last week [“Offshore Sup- 
port Questioned,” Quick- 

Link 43340], other heavy- 

weights such as IBM, 

Oracle, Hewlett-Packard, 

Microsoft and Computer 

Associates hastened to say that 
they’re not planning any Dell-style 
retreats from offshore tech support 
centers. But if the customer pain me- 
ter keeps moving in the wrong direc- 
tion — and users start walking away 
over service issues — those offshore 
savings could look a lot less com- 
pelling in the long run. 

So far, of course, the vendors know 
better than to redirect their high-end 
customers overseas for support. A 
Microsoft VP made the point in our 
story that no “premier support” con- 
tracts will be serviced out of the 
company’s new shop in Bangalore. 

In theory, the location of technical 
support people shouldn’t matter as 
long as the service quality is kept 
high and language barriers are kept 
low. In reality, the user experience 
isn’t so idyllic. The rapid growth of 
India’s multibillion-dollar outsourc- 
ing industry has made skilled IT 
workers harder to find and keep, es- 
pecially in the call centers, where at- 
trition rates can reach 35% a year. 

We heard from many readers last 
week with stories to tell about frus- 
trating offshore support encounters. 
They complained about rigid, “by the 
book” technicians who wasted their 
time wading through fixes already 
tried. They ran into problems with 





bad phone connections, 
strongly accented English 
that was hard to under- 
stand, and just plain in- 
competence. 

“The folks answering 
the support call do not 
know the product they 
are supporting, nor do 
they know the tools for 
reporting problems,” 
said one reader. “If Dell, 
Microsoft, HP, etc. con- 
tinue to move support 

jobs to India, they won’t have to wor- 
ry about customers, because there 
won't be any.” 

A New York-based chief technolo- 
gy officer, who’d had no complaints 
about previous Microsoft support, 
saw service quality change just re- 
cently when he called about an Ex- 
change problem. 

“The call got routed to a support 
center in India, and the technician in 
this case was obviously unqualified,” 
the CTO said. “He made little attempt 
to understand our problem... and 





within five minutes suggested we re- 
build the whole machine and reinstall 
Exchange” — advice wisely ignored. 
Ultimately, an experienced technician 


| in Dallas solved the problem. 


Another IT manager contended 
that the total cost of software owner- 
ship is spiraling in the wrong direc- 
tion. “Now companies are sending 
their support overseas, costing cus- 
tomers more in time to resolve the 
problems,” he noted. “All they really 
did is shift the expense over to their 
customer.” 

Despite the backlash, there are few 
signs that offshore outsourcing’s 
growth is slowing. Irate customers 
are certainly going to attract more 
attention to the dark side of off- 
shoring than displaced software tech- 
nicians will, but we’re still long on 
anecdotes and short on statistics 
about the long-term impact. 

In the meantime, emerging best 
practices suggest that you need to ask 
for performance metrics about prob- 
lem resolution, as well as independent 
surveys on customer satisfaction. 
Make sure your vendor’s training pro- 
grams are hammering on language 
skills as much as on technical ones. 

If Dell’s action is an early warning, 
other vendors may also end up 
changing course to avoid a customer 


collision. @ 43485 
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PIMM FOX 


Get Me 
Supply 
Chain, Stat! 


— OMBINING the words 
middleman and health 
care in one sentence 

is a sure way to produce gri- 
maces among the most kind and opti- 
mistic people. But here goes: With the 
right kind of middleman, even man- 
aged health care can be improved. 

If you think I’ve been sitting too 
close to the ether, then consider the re- 
sults for Jeff Solarek, director of mater- 
ial management at Dayton, Ohio-based 
Premier Health Partners Inc. Solarek 
oversees all the purchasing, distribu- 
tion, receiving and warehousing for 
seven large Dayton-area health care fa- 
cilities. By hooking up with San Jose- 
based Neoforma Inc., Premier is con- 
nected via the Web to a hosted market- 
place to order and track purchases. 

Back-order notifi- 
cation, which used to 
take 36 hours, is now 
processed in a mere 
two hours. The re- 
plenishment supply 
system has been au- 
tomated, with fill 
rates now managed 
through a link to Pre- 
mier’s purchasing 
system, which in 
turn does a hand- 
shake with Market- 
place@Novation — Neoforma’s suppli- 
er, distributor and manufacturer net- 
work. And there’s even a wireless con- 
nection for those actually walking 
around providing care and dispensing 
products. 

Solarek said Premier has saved $1.3 
million over the past two years by cut- 
ting transaction fees, streamlining pur- 
chasing procedures and negotiating 
better prices. Through the hosted ap- 
plication, Premier accesses 330 health 
care supply vendors. Impressive, sure, 
but the real innovation is the last mile 
into Premier’s legacy purchasing mod- 
ule and ERP systems. 

Corporate IT lets third-party IT 
operations make dedicated connec- 
tions to internal applications. The 
benefit is that the hosted operators 
map to myriad electronic data inter- 
change systems while IT maintains a 
single Web connection from the data 
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center to the service provider. 

As a result, you can keep your main- 
frame. Plus, you get savings by tracking 
what you buy, measuring what comes 
in and knowing how much you spend. 
Having up-to-date information gives 
you contract power, whether for sy- 
ringes or bed linens. And you don’t 
have to be a 1,000-bed facility to quali- 
fy. Neoforma has teamed up with Vista, 
Calif.-based dj Orthopedics Inc. to take 
the hosted setup to smaller sites such 
as doctors’ offices, pain management 
clinics and surgery centers. 

“Nobody tracked what was going on 
[before],” said Michael McBrayer, se- 
nior vice president at dj Orthopedics. 
“Now administrators are running 
things more as a business. And they’ve 
got to know what’s coming in, what’s 
going out.” They can track everything 
from the Ace bandages that your doc- 
tor hands out to X-rays and office sup- 
plies. (Say, does that mean no more 
free samples?) 

Sure, it’s depressing to think of the 
practice of medicine in terms of ROI, 
but like the common cold, such think- 
ing is here to stay. At least hosted solu- 
tions for supply management are a tan- 
gible palliative. @ 43330 


DAVID MOSCHELLA 


An 
Optimist’s 
Analysis 


ORE THAN three 
years after the Inter- 
net bubble burst, 

IT forecasters are still being 


asked. “Will robust growth in 
information technology spending ever 
return and, if so, when?” 

Count me among the optimists. 
There have always been four main dri- 
vers of IT industry growth: inventory 
levels, the overall economic environ- 
ment, customer confidence and major 
IT innovation. Although the current 
situation in each of these areas is by 
no means ideal, all four factors are 
now decidedly positive. This bodes 
well for a pretty good 2004 and a po- 
tentially strong 2005-06. Consider the 
following evidence: 

Inventory levels. During the dot-com 
bubble, many companies overinvested 
in IT. It’s hardly surprising that it has 
taken a few years to burn through the 
resulting excess. However, in areas 
such as mass storage, telecom equip- 


OPINION 


ment, PCs and software, 
there’s growing evidence 
that most of this excess ca- 
pacity has been consumed 
and that pent-up demand is 
building. Keep in mind that 
the last major slowdown in 
IT spending lasted roughly 
five years, from 1986 to 1991. 

Economic cycles. Since IT 
now comprises nearly half of 
all U.S. capital investment, 
spending for it can’t grow 
without the support of a sol- 
id economy. Fortunately, the 
U.S. economic recovery 
seems to be well under way. Whatever 
you think about the long-term wisdom 
of the Bush tax cuts, the huge federal 
deficits and the rapidly falling dollar, 
these policies have provided a power- 
ful short-term stimulus that has led to 
renewed business and consumer confi- | 
dence. On the other hand, any major 
new terrorist attacks in the U.S. or any 
worsening of the situation in Iraq could 
easily put an end to this momentum. 

Customer confidence in IT. Forecasters 
are trained to rely on empirical data, 





DHS, Heal Thyself 


| dictions is complicated, but haven't | 
nationwide brick-and-mortar ven- 


but the single most impor- 
tant factor has always been 


strongly do customers be- 
lieve in the potential of IT? 
During downturns, every- 
one likes to talk about 
short-term payback and 
ROI, but for most major IT 
projects, such measure- 
ments can’t be made with 
accuracy. Consequently, 
customer confidence and 
perseverance is often re- 
quired. As I wrote last 
a month, Accenture’s new ad 
campaign featuring Tiger Woods may 
signal a turning point in our industry’s 
self-confidence and leadership [Quick- 
Link 42544]. 

Significant innovation. Historically, ma- 
jor supply-side innovations have 
helped drive the IT industry forward. 
Think PCs, LANs, the Internet and 
much more. But don’t expect the com- 
ing recovery to be led by grid comput- 
ing, blade servers or any other vendor 
technology. Instead, the most impor- 
tant innovations will be those coming 


done to enable Linux to take over 
the traditional roles performed by 
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| from IT customers. Reasons for opti- 
| mism include a revitalized online ad- 
psychological. That is, how | 


vertising business, the growing inter- 


| est in RFID, the success of RosettaNet 
| and the strong initial growth of Apple 
| Computer’s iTunes. On the other hand, 


many forms of potentially important 


| demand-side innovation continue to 
| lag, especially in health care, bill pre- 


sentation and e-government. 
The customer-driven innovations 


| listed above suggest an important dis- 


tinction. Many new sources of IT 


| spending growth won’t necessarily be 


part of the traditional IT budget. This 
is why many of the leading “IT spend- 
ing surveys” could easily underesti- 


| mate the strength of the coming recov- 


ery and why mainstream IT budgets 


| may not feel any real sense of relief. 


Looking ahead, the prospects for over- 
all IT spending and the IT depart- 
ment’s budget will increasingly di- 


verge. @ 43327 
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| salaries to adjust for a higher cost of 
| living, China (or another player) will 








HE PAGE ONE STORY “Feds 

Say IT Security Lacking” 
[QuickLink 43338] was a very in- 
teresting article. However, the De- 
partment of Homeland Security 
should probably remove the stone 
fromiits own eye before lunging for 
the motes in the eyes of the IT in- 
dustry. The Open Relay Database 
lookup clearly shows that the DHS’s 
primary inbound mail server is an 
open relay - it will accept connec- 
tions from anywhere and forward 
mail anywhere - making it a ripe tar- 
get for sending spam or other forms 
of abuse, such as mail floods. Since 
the DHS's own server is what Tom 
Ridge might call “an attractive tar- 
get for terrorists,” perhaps more 
time should be spent bolstering the 
department's security. 
David Romerstein 
Springfield, Va. 


A Taxing Matter 


EAVEN FORFEND that we 

make shopping experiences 
equitable by having all merchants 
collect taxes [“Don’t Shoot the In- 
ternet,” QuickLink 42893]. Yes, the 
current system with 7,500 tax juris- 


just as a base for Novell's Linux de- 





dors been dealing with this for 
years? If online merchants can't 
compete on a fairer playing field, 
maybe they haven't really innovated 
anything beyond a way to draw 
people with artificially low prices. 
Jack Vinson 

Knowledge management 
advocate, Evanston, Ill. 


Novell’s Future 


IMM FOX’S opinion on 

Novell/SUSE would be under- | 
standable if this was a normal 
growth-type acquisition, but Nov- 
ell's viability is at stake [“Novell + 
SUSE = Problems,” QuickLink 
43073]. Here’s how | see it: Novell 
will abandon the NetWare kernel 
within a few years (though it may 
continue to support the installed 
base) as it remakes itself as a Linux 
software company. The SUSE em- 
ployees can continue to work on 
SUSE as a separate product, not 


velopment efforts. The Novell em- 
ployees in Utah will continue to work 
on porting and developing Novell 
products for Linux and Windows. 
And there is still plenty of work to be 





Microsoft and NetWare server oper- | 
ating systems. The Ximian group will | 


be working to integrate Linux desk- 
tops with Microsoft and Novell tech- 
nologies and to evolve the Linux 


desktop. | can foresee development | 


work being done to create Java 
client ports of certain Windows 
software to enable it to work cross- 
platform; cross-platform technolo- 
gies may be Novell's other strength. 
| think this purchase opens up a 
whole new world of opportunities 
for Novell. | do agree with Fox that 
Novell needs to be smarter than it 
has been in its acquisitions and 
product marketing. The company’s 
very survival depends on how it 
handles the new opportunities that 
Linux affords. 
Jim Anderson 
Nyack, N.Y. 


Workforce du Jour 


EGARDING THE ARTICLE “In- 

dia Hits Back on Outsourcing 
Job Fears” [QuickLink 43204], 
companies want to maximize their 
profits. When India’s economy in- 
evitably begins to swell and Indian 
workers rightfully ask for higher 


be all too happy to provide a cheap- 
er workforce. Then it will be the 
Chinese making bold statements 
about being better, smarter and 

| more motivated. 

As aside note: Regardless of 

| where companies go for cheap la- 

| bor, they need buyers, right? So, 

| what happens to their client- or 
consumer-based markets when the 
median purchasers are all out of 
work or progressively more under- 
paid. In the end, aren't these com- 

| panies gutting their own futures? 
Willem Harlow 

| Software marketing manager, 

| Los A ngeles 


COMPUTERWORLD welcomes 

| comments from its readers. Letters 
will be edited for brevity and clarity. 

| They should be addressed to Jamie 
Eckle, letters editor, Computerworld, 
PO Box 9171, 500 Old Connecticut 
Path, Framingham, Mass. 01701. 
Fax: (508) 879-4843. 

E-mail: letters@computerworld.com. 
Include an address and phone num- 
| ber for immediate verification. 


For more letters on these and 
| other topics, go to 


| Www.computerworld.com/letters 
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By cutting up to 80% off your 
development time, Visual Studio 
-NET 2003 gives you more time 
to do what you do best. Think. 


Got a big idea? Visual Studio” NET 2003 
delivers a higher level of productivity, so 
you can turn that big idea into reality 
faster than you ever thought possible. 
Want proof? Merck & Co. Inc. was able 
to create a solution that accelerated and 
improved the accuracy of their monitoring 
process in a time frame barely imaginable 
before they began using Visual Studio 
.NET 2003. To read the full story on how 
Merck and other companies are using 
Visual Studio .NET 2003 to quickly 

turn their big ideas into reality, visit 
msdn.microsoft.com/visual/think 
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AND ROBUST SQL 


ONLY ONE DBMS 


GIVES Y 


For your next generation of applications, move 
to the next generation of database technology. 

Caché is the post-relational database that com- 
bines high-performance SQL for faster queries and 
an advanced object database for rapidly storing 
and accessing objects. With Caché, no mapping 
is required between object and relational views of 
data. That means huge savings in both development 
and processing time. 

Applications built on Caché are massively scala- 
ble and lightning-fast. Plus, they require minimal or 
no database administration. 

More than just a database system, Caché incor- 
porates a powerful Web application development 


U BOTH 


environment that dramatically reduces the time to 
build and modify applications. 

The reliability of Caché is proven every day in 
“life-or-death” applications at thousands of the world’s 
largest hospitals. Caché is so reliable, it’s the leading 
database in healthcare — and it powers enterprise appli- 
cations in financial services, government and many 
other sectors. 

We are InterSystems, a specialist in data manage- 
ment technology for twenty-five years. We provide 
24x7 support to four million users in 88 countries. 
Caché is available for Windows, OpenVMS, Linux and 
major UNIX platforms — and it is deployed on systems 
ranging from two to over 10,000 simultaneous users. 


InterSystems & 


E.. CACHE 


Make Applications Faster 


Try a better database. For free. 


Download a free, fully-functional, non-expiring version of Caché or request it on CD at www.InterSystems.com/robust 
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SECURITY MANAGER’S JOURNAL 


Good Firewalls Make Good Neighbors 


Placing firewalls between corporate divisions 


can help prevent the spread of malicious 
code, but Vince Tuesday finds that getting 
the rules right isn’t easy. Page 34 


QUICKSTUDY 
Windows Installer 


This Windows service allows applica- 
tions to be installed cleanly and con- 
sistently and tracks the use of system 
resources to minimize conflicts. Page 32 


Web Services Put GIS on the Map 


Geographic information system vendors 
are moving to support Web services. This 
should enabie IT to embed powerful 
analysis and mapping services in familiar 
end-user applications. Page 30 
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ECISIONONE had just scrapped its IT outsourcing deal 
with Electronic Data Systems Corp., but not every 
one of its applications was destined to be run inside 
its own data center. Its CRM effort would either con- 
tinue as a mishmash of Excel spreadsheets or move 
to a hosted service. 

The reason: “We wanted to get our CRM software 
up and running in 45 days,” recalls Frank Tait, vice president of marketing 
at the Frazer, Pa.-based IT support services firm. “We were also con- 
strained about how much we could do because we were bringing all of IT 
back in-house.” 

DecisionOne opted to go the hosted route and selected a service of- 
fered by Salesforce.com Inc., which met that 45-day deadline for provid- 
ing a CRM system to the company’s 140 sales and marketing users. That 
success underscores one of the key benefits of subscription-based CRM: 
swift deployment. But there are technical challenges beyond the need for 
timely implementation that companies must consider when deciding 
whether to subscribe to a CRM software service, or license and run CRM 
software themselves. IT managers must evaluate potential problems, 


Hosted CRM services offer 
easier and faster setup and 
more customization options. 
But integration, data control, 
training and even privacy is- 
sues could shift the decision 
toward an in-house imple- 
mentation. 
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which run the gamut from customization and train- 
ing to data integration and security. 

For some companies, customizing CRM to reflect 
the needs of a given sales organization is critical. 
When subscription-based CRM first appeared, that 
wasn’t possible. Customization flew in the face of the 
application service provider (ASP) business model 
of managing a single code base for many customers. 

But as CRM subscribers become more sophisticat- 
ed, rigid restrictions on modifying the underlying 
code limited their capabilities. Some companies 
looked elsewhere. “Every CRM implementation be- 
comes almost a proprietary product,” says David Lei- 
bowitz, managing director of solutions architecture 
at Lexington, Mass.-based Excelergy Corp., which 
supports utility and telecommunications operations. 
That’s why Excelergy shifted from Salesforce.com’s 
hosted service to an in-house implementation of Mi- 
crosoft Corp.’s CRM software. 

Faced with demands for customization, 
San Francisco-based Salesforce.com, the 
current leader in the CRM subscription 
market, shifted its strategy earlier this 
year with the introduction of Sforce, now 
in its 2.0 release. According to company 
Chief Technology Officer Cary Fulbright, 
users “can create their own custom data entities.” He 
adds, “We control all the code, but they can change 
data types.” 

Yamil Hernandez, director of IT at Sigma-Tau 
Pharmaceuticals Inc. in Gaithersburg, Md., has done 
just that, changing a standard Salesforce.com field to 
match those needed for his 35-member sales team’s 
custom work with dialysis centers. 

Application integration has been another stumbling 
block for ASPs. Salesforce.com has struck deals with 
third-party suppliers, such as Tibco Software Inc. in 
Palo Alto, Calif., to provide standard connectors be- 





HOSTED CRM ROI 


Return on investment can 
vary when measuring long- 
vs. short-term results: 


@ QuickLink 43110 
www.computerworld.com 
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| tween its software and other enterprise applications. 


But even with those changes, the subscription 
model for CRM doesn’t interest Michael Fields, 
director of business sales operations at Cingular 
Wireless in Atlanta. That’s because the most critical 
aspect of CRM, he argues, “is solving business 
process problems.” That means much more than 
making application changes at the field level. True 
business process integration, he says, requires deep 
links into in-house and customized proprietary ap- 
plications as well as off-the-shelf software. 


Economies of Scale 

A longtime user of CRM software from Siebel Sys- 
tems Inc. in San Mateo, Calif., Fields says that a large 
company like his, with 1,800 CRM users, has to be 
able to manage an application more rigorously. The 
fact that ASPs regularly update their code bases 
makes him extremely nervous because of 
the possibility that an integrated business 
process could be broken by a change that 
he doesn’t control. But Fields isn’t op- 


ple. In fact, he says a hybrid approach 
might be ideal for tying third-party part- 
ners into his CRM process (see below). 

Fulbright disputes the notion that his company’s 
ASP model limits Salesforce.com to smaller opera- 
tions. So far, the company’s biggest deployment is 
1,000 users. However, he claims that Salesforce.com 
could handle a business with up to 50,000 seats. 

But size isn’t the issue when tight integration is the 
problem, says Leibowitz. He says that midsize com- 
panies often need to link their messaging infrastruc- 
ture with their CRM operations. Leibowitz says he 
chose Microsoft because it has “done an extraordi- 
narily good job of integrating its CRM with Outlook 
and Exchange.” 


THE THIRD OPTION: 


This month, Siebel Systems went live with its Siebel 
NP EU eS male UES lai eM eT 
managed by IBM as part of its OnDemand services. 
Users of Siebel 6.0 software or higher will be able 
to integrate their on-premises licensed CRM appli- 
Pr MURMUR Ue MeMe Ee MN eC ReLi 
rented and owned software that could make hosted 
systems an attractive way to extend in-house enter- 
lee OES Ce 

That approach appeals to Michael Fields. “Our 
third-party partners can use it for lead generation,” 
says Cingular Wireless’ director of business sales 
operations. Right now, sales leads from third par- 
ties need to be entered into Cingular’s Siebel soft- 
ER OM M SCR CRU Mees ECU es 

According to Ken Rudin, vice president and gen- 
eral manager for Siebel CRM OnDemand, prebuilt 
connectors let OnDemand and on-premise versions 
of the application automatically synchronize 


changes on both sides. 

Fields says the hybrid approach offers the bene- 
fits of application integration and adds third-party 
sales efforts to Cingular’s automation of business 
processes. And Siebel’s $70 million purchase last 
month of UpShot, a subscription-based CRM com- 
pany, will add to OnDemand'’s capabilities, claims 
AMR NCR OUST acm Mince lm TU) 
Microsoft Outlook and handheld devices will be 
added to the OnDemand product. 

So far, competitors haven't followed suit. Belle- 
vue, Wash.-based Onyx Software Corp., like Siebel, 
MEU eeM NUM em mear CM CR mene Tirlile 
NET IMO M LCM Ot mele e-le Mel Mae lela eee en] 
subscription mode. It’s a hosted but fully licensed 
application. The leading ASP for online-only CRM 
software, Salesforce.com, says it has no plans to 
offer an on-premise licensed version of its software. 

mt Fleer 


posed to subscription services on princi- . 
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Even Salesforce.com user Hernandez says he wish- 
es his ASP’s software had better real-time links to 
Microsoft’s BizTalk. “As a Microsoft shop, that would 
be nice to have,” he says. “But it’s not a must-have.” 

“Salesforce.com’s product does its thing very 
well,” says Adam Honig, president of Akibia Consult- 
ing in Westboro, Mass. “But it’s a corkscrew. Siebel is 
a Swiss Army Knife.” For example, Siebel’s flexibility 
comes into play particularly well when you've tied in 
your call center operations with CRM, Honig says. 
That’s because call centers are subject to “peaks and 
valleys” in demand, and you need to be able to han- 
dle the performance variance, he says. 

Benjamin Holtz, CEO of Green Beacon Solutions 
LLC in Watertown, Mass., agrees, adding that it can 
come down to simple issues such as being able to re- 
boot a CRM server. “Sometimes, you just need to be 
able to get your arms around the box,” he says. 

ASPs dismiss such criticism. Keith Raffle, former 
chairman of UpShot Corp., a subscription-based 
CRM software company recently bought by Siebel, 
says service-level agreements protect users from 
downtime and outages. 

User training is often touted as another benefit of 
subscription-based CRM. Tait lauds Salesforce.com’s 
Web-based training and is delighted at “not having to 
maintain training manuals.” This is particularly help- 
ful when Salesforce.com adds features to its soft- 
ware, he says. But regular updates by ASPs to their 
applications scare Holtz. “New stuff confuses users,” 
he claims. “Sales guys are inherently idiots.” 

Privacy is another concern. Although there haven’t 
been any scandals about ASPs losing user data or 
having it fall into the wrong hands, IDC analyst 
Robert Blumstein advises potential CRM subscribers 
to investigate the safeguards an ASP has in place to 
protect your data. “It’s going to be your responsibili- 
ty,” he says. And privacy laws could prove to be even 
trickier, warns Honig, especially if you have interna- 
tional or medical customer data stored outside your 
premises. You should review HIPAA restrictions and 
other nations’ strict privacy laws carefully before 
opting for an ASP. @ 43211 
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THOSE STILL USING. 
SERVERS FOR STORAGE 


MAY FIND THIS TECHNOLOGY 
EQUALLY EXCITING. 
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“Silent Spin” dial 





Mice eatery eyera 0 
(up to six lines + intercom!) 


Two ring tones and 
three volume settings 
Expando-Cord provides 


up to 8’ of mobility from 
phone base! 


Advanced “Buzzer Button” 


Available in three designer hues 
including onyx black 


But those who are ready to separate storage from servers will find this even mere thrilling: The EMC C 
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it far more efficiently at a surprisingly retro price. Advanced EMC storage for faster, more secure back- 
been so affordable. Quick, pick up the phone. 


CX series now starts at just $9,995. That’s right. You can consolidate all your information, protect it better, and 
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Web services enable IT to easily embed powerful 


"geographic information system analysis and 
mapping capabilities in familiar end-user 


OR EDENS & AVANT, which 
builds and manage shopping 
centers, location is every- 
thing. Building in a neigh- 
borhood with the wrong de- 
mographics for its retail ten- 
ants or where traffic flow or 
access is poor can lead to 
disaster, says David Beitz, 
geographic and marketing information 
systems manager at the $2.3 billion real 
estate investment firm. “The cost is 
tremendous if you build a shopping 
center somewhere and a major tenant 
leaves. You’re going to lose a lot of 
money,” he says. 

To ensure that doesn’t happen, Beitz 
uses geographic information system 
(GIS) tools and data from Environ- 
mental Systems Research Institute Inc. 
(ESRI) in Redlands, Calif. By creating 
a geographic map and overlays that 
plot customer populations and demo- 
graphics, competing businesses and 
street and traffic patterns, Beitz can 
produce a visual report that decision- 
makers can use. The entire process 
takes just a few minutes. 

Today, Columbia, S.C.-based Edens 
& Avant purchases the underlying data 


This map, viewed within software vendor 
Environmental Systems Research Institute 
Inc.’s ArcExplorer viewer, includes data 
overlays that are accessed in real time 
over the Web to show the street network, 
terrain and proximity of EPA toxic waste 
sites. The map includes a layer containing 
properties specified by the user and ac- 
cesses ESRI’s ArcIMS map services to 
view three overlays. These include a 
BAC) a ese elee eres ecm Urlmelee Tt (ry 
high-resolution terrain data from the U.S. 
Geological Survey, a street map overlay 
from the U.S. Census TIGER database and 
Wire m ie CECE ELC 





| applications. By Robert L. Mitchell 


and then periodically updates it. But 
Beitz is also experimenting with ac- 


cessing current data via the Web. Us- 


ing ESRI’s ArcExplorer Java Edition 
viewer, Beitz can quickly build a map 
that combines his internal data with 
the latest street data from the U.S. 
Census Bureau and toxic waste site 
data from the Environmental Protec- 
tion Agency (see image). ESRI offers 
both sets of data as Web services. 
“You're not downloading it; you're 
basically viewing it,” Beitz says, so 
there’s no need to use a local copy 
of that data. 

Beitz uses ArcExplorer for initial 
screening of prospective sites but says 
he still does in-depth analysis with 
data purchased for use in-house. “You 
can’t do really good-looking maps [us- 
ing ArcExplorer],” he says. But that 
may change as GIS tool vendors, data 
providers and users gradually make 
more GIS data and applications avail- 
able as Web services. 

Rapidly evolving support for Web 
services in GIS is not only changing 
how analysts access and view maps 
and data; vendors and analysts say it 
will also facilitate the integration of 
GIS functions into a wide range of ap- 
plications. In so doing, Web services 
will open up GIS to decision-makers, 
who will have direct access to some 
capabilities that are available today 
only by working with a specialist. 

“Historically, geospatial has been 
seen as something kind of in the base- 
ment,” says George Moon, chief tech- 
nology officer at Troy, N-Y.-based Map- 
Info Corp. Web services can put rele- 
vant GIS applications on the end user’s 
desktop by embedding them within fa- 
miliar applications. “I don’t have to un- 
derstand a proprietary interface to em- 
bed code,” he says. 

A suite of emerging Web services 
standards from the Open GIS Consor- 
tium Inc. (OGC) in Wayland, Mass., is 
facilitating this transition by enabling 
interoperability. The most heavily used 
of those standards, Web Map Service, 
Web Feature Service and the XML- 
based Geography Markup Language, 
“allow applications to access distrib- 
uted spatial data across the Internet to 
any OGC-enabled repository,” says 
Carl Reed, executive director of the 





OPENING UP GIS 


CARL REED is the executive director 
of the specification program at the 
Open GIS Consortium. He recently 
spoke with Robert L. Mitchell about 
the way Web services standards are 
opening up the world of GIS. 


What is the OGC? We're a nonprofit 
with over 260 members. It’s just 
about all the GIS vendors, integrators, 
broad IT industry [representation]. 
The goal is to enter into a consensus 
process to advance open specifica- 
tions that can be used globally to en- 
able geospatial technologies to plug 
and play. 

All of the OGC specifications are 
publicly available, open for use by 
anybody, and there are no royalties. 


What's the benefit to enterprise IT? 
When someone buys into a propri- 
etary software system, it becomes 
very difficult for users to add new 
technologies in the future. The OGC 
was Created to bring vendors together 
to agree on these open interfaces. 


How have OpenGIS specifications 
changed the way users work with GIS 
and mapping technology? We are see- 
ing a rather significant increase in the 
use of spatial Web services. We’re 


seeing this expansion of Web services 
to appeal to specific user questions - 
a series of spatial services that allow 
people to make specific decisions. 
You can build spatial data infrastruc- 
tures - geospatially enabled portals. 


Is security a concern with GIS Web 
services? | think so. As with any data, 
holders of that information determine 
who should see that data. We use 
broader industry standards such as 
PKI encryption[to solve the problem]. 


Will OGC standards really make GIS 
products more open? Yes. The use of 
OpenGIS specifications in applica- 
tions and technology products en- 
ables the implementation of vendor- 
neutral plug-and-play architectures. 

Further, many organizations have 
now implemented production sys- 
tems, accessible via the Web, that al- 
low users to access spatial data dis- 
tributed across many organizations 
and stored in many formats. 

These systems may rely on GIS soft- 
ware from multiple vendors. Thus, use 
of an OpenGIS interface allows access, 
manipulation and display of spatial 
data without exposing the format of 
that data or any specific vendor’s algo- 
rithms or intellectual property. 
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OGC’s specification program. 

“Advances in databases and analysis 
tools, coupled with enhanced Web ca- 
pability, is bringing this to the masses,” 
says Rob Enderle, an analyst at San 
Jose-based Enderle Group. 

Microsoft Corp. is helping to broad- 
en acceptance of mapping tools with 
MapPoint 2004, a street-mapping pro- 
gram that includes some demographic 
overlays. Users can buy the package or 
access MapPoint Web Services, which 
can be integrated into an application 
developer’s Global Positioning System 
application. 

Other vendors offer more sophisti- 
cated tools and are also adding Web 
services offerings, but “Microsoft ap- 
pears to be the leader in just making 
things easier for Web deployment,” 
Enderle says. 

Web services extend the use of GIS 
by making the integration with other 
applications easier, according to Map- 
Info’s Moon. “If I want to show a map 
to a customer in my address book, I 
don’t have to embed that into the con- 
tact application. I can now expose that 
through a Web service to add value 
without having to [rewrite] my code 
base,” he says. 

The promise of up-to-date informa- 
tion is also attractive to Steve Wallace, 
senior strategic planner at Florida 
Farm Bureau Insurance Cos. in Gaines- 
ville, Fla. He uses GIS tools and data 
from MapInfo to qualify homeowner's 
policy applications and track changes 
in municipal boundaries. 

While using Web services to gain ac- 
cess to regularly updated data sounds 
appealing, Wallace doesn’t see that 
method ever replacing his internal GIS 
system. “Do I think that someone 
would build a Web service to do exact- 
ly what our company needs? Not likely. 
Some have tried, but they are rather 
simple,” he says. 

And despite the promise of GIS Web 
services, interoperability among GIS 
programs and data sources is far from 
seamless. “That’s because the data has 
been defined differently. This is a big 
issue,” says the OGC’s Reed, noting 
that even details such as road width 
can affect an analysis when combining 
data in overlays. “We’re working with 
states and counties to ... deal with 
those differences on the fly so that the 
data becomes seamless,” he adds. 

But for now, says Bern Szukalski, 
product manager at ESRI, “those stan- 
dards really aren’t quite . .. mature.” 
Today, they simply provide a “lowest | 
common denominator” for mapping | 
and GIS functions, he says. 

ESRI, the industry heavyweight with | 


SEs 


Ame 


perhaps the broadest range of prod- 
ucts, repackages data into the Shape- 
file format that’s optimized for use 


with its own products. ESRI’s ArcEx- 


plorer viewer is designed to support 
Web services provided through its pro- 
prietary ArcIMS server software, al- 
though users can download a free ex- 
tension to access Web services that 
support OpenGIS protocols. Support 
for the SOAP protocol won't appear 
until the next major release of its prod- 
ucts, however. 

Moon says MapInfo supports both 
OpenGIS and the World Wide Web 
Consortium’s Web services standards, 
including SOAP, WSDL and UDDI, in 
products such as its miAware software 
for developing location-based services. 
“We're making sure all of our products 
can integrate to back-end services — 
our own or someone else’s,” he says. 

Vendor adoption of GIS Web ser- 
vices is still a work in progress. But in 
five years, Reed predicts, access to 
spatial services online will be as ubiq- 
uitous as Internet access is today. 
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For a sampling of GIS tool providers, visit 
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BY ROBERT L. MITCHELL 
O MORE DLL HELL. That 
was just one of Micro- 
soft Corp.’s goals when 
it introduced the Win- 

dows Installer service along 

with Windows 2000 nearly 
four years ago. The service, 
which now runs on Windows 

XP, Windows Server 2003 and 

earlier versions of Windows 


by way of service packs, was 
designed to provide much- 
needed consistency to the 
Windows application installa- 
tion process. 

Before Windows Installer 
was available, software devel- 
opers created their own auto- 
mated installation scripts or 
used third-party authoring 
tools to create an installation 
program. Each followed differ- 
ent rules, had a limited ability 
to keep track of files also in 
use by other applications and 
had no ability at all to track 
shared use of nonfile re- 
sources such Windows reg- 
istry keys. 

This situation resulted in 
the classic problem in which 
one application would install a 
Dynamic Link Library (DLL) 
in the Windows system direc- 
tory only to have another ap- 
plication overwrite it with a 
different version, breaking the 
first application in the proc- 
ess. Uninstall programs like- | 
wise unknowingly re- 
moved DLLs or 
changed registry keys 
that other applica- 
tions were sharing. 

Windows Installer 
enforces a single set of 
installation rules that all com- 
pliant applications follow, in- 
cluding versioning rules that 
prevent the overwriting of 
newer files with older ones. It 
also keeps track of all changes 
made to Windows, including 
any made to the file system 
and registry keys. 

For Installer to work, soft- 
ware developers must replace 
traditional installation scripts 
with Windows Installer pack- 
age files (called .MSI files, af- 
ter the file extension). And 
since Windows Installer can 
track only installations that 
follow the .MSI format, end 
users will reap the full benefits 
only when all applications in- 
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Installer 


DEFINITION: 
Windows Installer is a Windows 
service that allows applications 
to be installed cleanly and consis- 
tently and tracks the use of system 
resources to minimize conflicts. 


stalled on a Windows machine 
support Windows Installer. 
An .MSI package functions 
as a small relational database 
with fields containing all of 
the information and instruc- 
tions that Windows Installer 
needs to successfully deploy 
an application. At runtime, 
Windows Installer converts 
the .MSI data into an install 
script and an uninstall script. 
This allows for a graceful roll- 
back of the application and 
restoration of the system to its 
previous state if an in- 
stall fails. For example, 
if an upgrade to Office 
System fails, the sys- 
tem can roll back to 
the previously in- 
stalled Office XP ver- 
sion and the user can continue 
working — something that 
didn’t always happen before. 
The .MSI breaks the instal- 
lation data into three parts 
(see diagram). This architec- 
ture enables it to install appli- 
cations without ever having to 
manage individual resources 
directly. Instead, it groups reg- 
istry keys, files and other re- 
sources into components, 
such as the Speller Engine in 
Microsoft Office. Components 


group together interdepen- 


dent resources, such as an ex- 
ecutable program file and the 
registry key that holds license 
information. 

Windows Installer tracks all 





| changes made to the system 


during the installation at the 
component level and keeps 


“refcounts” that tell how many 


applications share a given 
component. It also assigns 
each component a globally 
unique identifier (called a 





GUID or “gwid”) and a key- 
path, which Windows uses to 
identify the component. By 
maintaining refcounts at the 
component level rather than 
for each individual resource, 
Windows Installer can easily 
track all shared resources, not 
just files. DLLs and other re- 
sources are deleted only when 
the last component that uses 
them is deleted. 

The .MSI package groups 
components into features. 
These are the user-recogniz- 
able chunks of an application, 
including options that users 
can choose to install, such as 
Word in the Office suite. Sub- 
features, such as a spell check- 
er, can be nested within a larg- 
er feature for more granular 
control of the installation 
process. Features can share 
components, and they allow 
more installation options than 
do scripted installs. With .MSI, 
features can be installed to 
run locally, to run from a sec- 
ondary location such as a 
product CD, or they can be 
“advertised,” appearing in an 
application’s menu but in- 


How Windows Installer 
Packages an Appiication 


in this example, the Windows Installer MST file contains the Office product and all 
of its elements, including features that users can deploy. Each feature is associat- 
ed with components, each of which references a set of registry key settings, DLL 
files and other resources that must be installed as a group. In this way, components 
may be installed or deleted, but resources remain unaffected unless no other com- 


ponent is using them. 
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stalling only when the user in- 
vokes the feature. All of the 
features that make up an ap- 
plication are then aggregated 
into a single .MSI file. 


Management API 
Windows Installer also in- 
cludes a management applica- 
tion programming interface 
(API) that it uses to keep track 
of installed products, features, 
components and keypath data. 
Using this API, an application 
management tool can repair a 


| broken application. Through 


the API, it can determine 
which component isn’t work- 
ing and reinstall just that com- 
ponent and its associated re- 
sources, rather than the entire 
application. 

Administrators can cus- 
tomize the .MSI package by 
creating a complementary 
transform (or .MST) file. The 
transform can provide answers 
to Windows Installer when the 
.MSI file calls for user input, 
such as choosing which op- 
tions to install or the correct 
installation path. It can also 
remove unwanted features 
from the basic installation. 

Software vendors have been 
slow to adopt the .MSI format. 
Nearly four years after Win- 
dows Installer’s release, many 
applications still use non-.MSI 
installation routines. To get 
the full benefits of Installer, 
enterprise administrators have 
turned to automated applica- 
tion packaging tools [Quick- 
link 42711]. Such tools can cre- 
ate .MSI packages for non- 
compliant applications as well 
as build transforms for exist- 
ing packages. For most other 
users, however, the legacy of 
installation conflicts will 
linger until every noncompli- 
ant Windows application on 
the desktop has been updated. 
@ 43195 


COMING SOON 


Microsoft says Windows Installer 3.0 will 
have features aimed at enhanced security: 
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Good Firewalls Make 


Good Neighbo 


Erecting internal security fences can stop 
attacks from spreading between corporate 
divisions — if you can get the rules right. 


By Vince Tuesday 


E'VE DECIDED that | 

as a corporate sub- | 

sidiary, it’s time to 

leave home and | 
strike out on our own froman_ | 
IT security perspective. His- | 
torically, because the parent 
organization owns us, we have | 
trusted them completely. We | 
have some 10 connections with | 
no controls between our net- | 
works and theirs. — 

This arrangement 
has worked well until 
now, so we haven’t 
done very much mon- 
itoring on the links 
between our net- 
works. But we began 
to question this arrangement 
when the SQL Slammer worm 
infected our network recently. 
Their group feels pretty cer- 
tain that we infected them, 
and my team thinks the oppo- 
site. Either way, going forward 
we need protections to make 
sure this can’t happen 
The simplest way to keep 

malicious code from spreading 
between our networks is to 
deploy firewalls and config- 
ure them so they limit traffic 
to what’s needed and block 
everything else. So we an- 
nounced our intentions to our 
colleagues and proceeded with 
the deployment. They weren't 
upset, since they feel that they 
will be protected from us. 


Setting Up 
Our first step was to identify 
all of the network links be- 
tween our organizations. That 
was easy, but there were more 
than I expected. I think we 
found them all, but it will be 
interesting to see if we flush 
out any more links. 

Once we had found the 


again. 





SECURITY 
MANAGER'S 
JOURNAL & 


| expensive part, but that alone 


physical connections, it was a 
simple task to deploy the hard- 
ware firewalls. In fact, we sur- 
prised our parent company 
because we spent significant 
effort educating them that 
this was coming so they could 
help us with the rules. Once 
their key decision-makers 
gave us the green light, we 
went ahead with the deploy- 
ment. We completed 
the work while the 
other group was 
still informing its 
IT troops that this 
had been approved. 
Putting the hard- 
ware in place is the 


doesn’t give you any protec- 


| tion. For that you need a well- 
| thought-out rule base that 
| limits high-risk connections 


while allowing business- 


| critical traffic to flow freely. 


Our first approach was to 


| enable intrusion-prevention 
| system capabilities within the 
firewall. Firewall vendors put 


a great marketing spin on this 


feature: “You don’t need an ex- | 


pensive burglar alarm to tell 
you about break-ins on your 


| network, because our firewall 


Our grand plan 
of protecting ‘us’ 
from ‘them’ and 

vice versa has now 
been split into 
two phases. 





just stops them all dead.” I 
haven't done a wide review of 
intrusion-prevention systems 
in firewalls, but with our fire- 
walls, it’s pretty much rubbish. 
It will successfully identify 
and stop only about 20 known 
attacks. The list of attacks is 
built into the firewall operat- 


| ing system rather than using 


signature updates like our an- 
tivirus software does. 

I suppose we'll be safe if 
Kevin Mitnick returns to his 
naughty ways but doesn’t up- 
date any of his attacks from 
the early ’90s. But given all 
the new attacks that the fire- 
wall won't stop, including 
Blaster and even Slammer, 
the fact that it protects us 
from risks like the ICMP ping 
of death isn’t much to write 
home about. 


The Good and the Bad 


For real protection, we needed 


rules that filter bad traffic and 
let the good get through. We 
thought the good would be 
easy to define. We talked to 
each application owner, includ- 
ing the Web and e-mail teams. 
Once we had the addresses of 
their servers and the protocols 
they wanted to use, we could 
add rules to allow that and 
steadily work at the rest until 
we could add a default deny 
rule and provide protection 
from unknown threats. 

We were about 24 hours 
away from enabling the first 
set of rules when we naively 
asked what would happen if 
one of the connections went 
down. Does the traffic route 
via one of the other connec- 


| tions to the parent? If it does, 


then we'd need to make sure 
that the rules would let the 
links still work once rerouted. 
I'd hate to have the firewalls 
block critical traffic in a disas- 
ter recovery situation. 
Nobody knew the answer. 


| We had no idea what would 





| happen if a link went down, 


and we didn’t want to test live 
connections. But we couldn’t 
enable the rules until we knew 
the answer, so we went back 
to the drawing board. 

Even though we couldn’t 
know for certain what good 
traffic would do, I thought we 
could at least limit damage 
from unknown protocols. 
There must be many IP proto- 
cols and TCP ports that aren’t 
used on our network. If we 
blocked those, then weakness- 
es in our existing services 
might be exposed, but we’d 
notice if an attacker tried to 
add or use a new protocol. 

As we worked on generating 
that list and informing people 
that we would be putting the 
first deny rules in, I started 
asking my contacts in the in- 
dustry about our plan. Putting 
firewalls on internal network 
segments is hardly an original 
idea, so I figured that the 
problem of generating rule 
sets and reducing the risk of 
attack while keeping the busi- 
ness going must be a common 
one with well-known fixes. 
Sadly, the typical responses I 
got were, “Oh, that’s a hard 
problem” and “You don’t want 
to try that.” If any of you know 
a good way to do this, I wel- 


| come your tips. 


Now, as we uncover prob- 


| lem after problem, I’ve re- 


duced the project’s scope to 
keep it on track. Our grand 
plan of protecting “us” from 
“them” and vice versa has now 
been split into two phases. 
Phase 1 will just deliver pro- 
tection of our systems from 


| their networks by limiting in- 


bound connections. Outbound 
connections will be left un- 
touched. This reduced scope 
significantly reduces our work 
and will still keep our bosses 
happy. I guess the final stage 


| of leaving home is to learn to 


let home get on without you. D 


This week's journal is written by a real 
security manager, “Vince Tuesday,” whose 
name and employer have been disguised 
for obvious reasons. Contact him at vince. 
tuesday@hushmail.com, or join the dis- 
cussion in our forum: QuickLink a1590 


To find a complete archive of our 
Security Manager's Journals, go online to 
@ computerworld.com/secjournal 
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Security Bookshelf 
Computer Security, 20 Things 
Every Employee Should Know, 


Hill, 2004 


At 51 pages, this 

title is little more . 

Computer 
Security 


nadine, » ane eee 
and | don’t expect : 
this slim volume to 

spend much time on the shelf. 

Full of pithy, interesting 
quotes and bite-size chunks of 
aac, 
perfectly into your IT 
awareness campaign or into 
new hire. 
information security hits all 
and is credible without resort- 
me to finish phone calls. 

a oe 
group could a 
this same information and tai- 


Web application firewall mak- 
er NetContinuum Inc. an- 
nounced a new version of its 
NC-1000 Web Security Gate- 
way that includes network 
firewall features. NC-1000 
Version 4.0 lets customers 
use a single device to stop net- 
work attacks using common 
protocols such as FTP and 
DNS, in addition to those tar- 
geting Web applications com- 
municating over server port 
80, according to Santa Clara, 
Calif.-based NetContinuum. 
NC-1000 Version 4.0 is due 
in January and will sell for 
$28,000. Existing users are 
eligible for a free upgrade. 
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IBM Enhances 
Grid Offerings . . . 


IBM Global Services last week 
enhanced its grid computing of- 
fering with services designed to 
provide an assessment methodol- 
ogy for determining grid total cost 
of ownership, as well as an imple- 


mentation road map. The offering | 


will also include deployment ser- 
vices for migrating existing appli- 
cations to a grid model. 


. .. And Announces 


Deal With Quantum | 


IBM announced last week that 
it will ship Quantum Corp.’s 

DLT VS160 tape drive with its 
eServer xSeries to customers 
worldwide. This partnership will 
provide midmarket customers 
with additional performance, po- 
sitioning IBM’s 40/80GB DLT 
half-high tape drive in the entry- 
level market, said San Jose- 
based Quantum. 


Microsoft Updates 
CRM Software 


Microsoft Corp. last week an- 
nounced the general availability 
of Version 1.2 of its CRM soft- 
ware. The company launched 


CRM 1.0 last January. The update | 


includes user interface improve- 
ments, additional data evaluation 
capabilities and further support 
for lead tracking. 


WetStone Upgrades | 


Its Stego Suite 


WetStone Technologies Inc. in 
Cortland N.Y., announced the the 
next generation of its tool kit for 
detecting digital steganography, 
or the presence of communica- 
tions hidden in digital files. Stego 
Suite 4.0 comprises two prod- 
ucts: Stego Watch, which includes 


improved reporting and image-de- | 


tection algorithms, and Stego An- 
alyst, an image and audio analysis 
tool. Stego Suite 4.0 is available 
now at $1,995 for a single-user 
license, with discounts available 
for law enforcement agencies. 
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Dawn of the 
Undead Data 


N GEORGE ROMERO’S classic 1968 horror film, 
Night of the Living Dead, the deceased rose from 
their graves to terrorize the living. Many IT or- 
ganizations now find themselves in a similar 
nightmare as data they thought was dead and 
gone has risen from the storage crypt. When hackers, 
competitors or governments apply the right technol- 


ogies, the data you thought 
you had destroyed, and 
which has stumbled outside 
the corporate gates on dis- 
carded PC hard disk drives, 
backup tapes and other 
zombie media, comes alive 
again. And opportunists are 
quick to use this data to ex- 
tract their pound of flesh. 

Take the case of the in- 
surer that thought it had 
wiped the hard drives on 
retired PCs clean before 
disposing of them. Someone wes 
bought one of those PCs and discov- 
ered sensitive data on it is blackmail- 
ing the company, says Bob Houghton, 
president of Redemtech Inc., a Hilli- 
ard, Ohio-based recycler of PCs and 
other IT products. And since the 
breach involved customer data, the 
company must disclose it to its cus- 
tomers under a California privacy law. 

The IT staff may have simply over- 
looked erasing that PC in the disposal 
process. But the true horror is that in 
many cases, even wiped data on those 
1,000 PCs you just sent out the door 
can be resuscitated. 

And third-party vendors that claim 
to wipe PC disks before disposing of 
them don’t always do the job right, 
either. One IT executive at a large fi- 
nancial services company outsourced 
the task to four different vendors. 
Now she’s in litigation with three of 
them, according to Gartner analyst 
Frances O’Brien. 

Redemtech says that on average, 25% 





of the systems it audits still 
have data on them even 
though IT thought the sys- 


tems had been wiped clean. 


IT managers don’t realize 
that their own best prac- 
tices, if they have them, 
aren’t being followed. And 
even when they are, the 
erasure process may sim- 
ply transport the data to 
the land of the undead. 
Consider the options. 
§ An fdisk breaks the parti- 
tion ad leaves data on the drive that 
any disk utility can read. A quick for- 
mat only overwrites the system area 
of the disk. A low-level format over- 


| writes most data in sectors accessible 


by the operating system but leaves 
many areas untouched. Consumer- 
grade disk-wiping tools supposedly 
overwrite every sector, but data re- 
covery specialists say they often re- 
trieve data that these tools have left 
behind. 

Then there’s degaussing — applying 
a strong magnetic field to the disk to 


| erase it. This works well for backup 


tapes, but many degaussers aren’t 
powerful enough to erase newer hard 
disk drives. And since degaussing ren- 
ders the drive inoperable, there’s no 
easy way to verify erasure. 
Redemtech and others use special- 
ized tools to erase disk drives. Their 
technicians boot a custom utility from 
a DOS diskette or CD, and the soft- 
ware addresses the IDE or SCSI disk 
controller circuitry directly, bypassing 





the operating system installed on the 
target hard disk drive. But even then, 
data zombies lurk in the shadows. 

A disk drive head is smaller than 
the track within which it must write. 
It plows along the track like a luge 
sled, leaving its mark through the 
center while spraying some data up 
along the sides. A single erasure pass 
leaves much of this roadside data in- 
tact — a phenomenon called residual 
magnetism. Although the data is now 
out of the realm of easy recovery, if 
it’s valuable enough — say, the recipe 
for Coca-Cola or an early earnings 
report — organizations with the right 
resources may take a shot at it. The 
process involves removing the plat- 
ters from the disk drive and using 
very expensive equipment to access 


the residual data. 


To minimize this risk, disposal firms 
dealing with sensitive data make at 
least three erasure passes, and some- 
times seven or more, to wash away as 
much residual data as possible. At that 
point, mere mortals probably can’t re- 
trieve your data. “The NSA would still 
be able to recover data off that drive. 
They have very sophisticated equip- 
ment,” claims Tony Thornton, Re- 
demtech’s MIS IT director. Then 
again, if the National Security Agency 
is reading your media, you probably 
have much bigger problems. 

In the end, there’s only one way to 
know for certain that your data won’t 
rise again: Physically shred hard disk 
drives and other storage media. But 
the correct action to take depends on 
the risk. For most PCs, a multipass era- 
sure will suffice. But if the process 
doesn’t include an audit trail with spe- 
cific snapshots of the sectors that veri- 
fy erasure, be prepared to see your 
data rise again. @ 43381 
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Offshore Dilemma | 
Should you send technical | 
support work overseas? The 
Financial Services Technology | 
Consortium is looking into the 

best practices for this niche | 


market. Page 41 


LITTLE OVER A YEAR AGO, 

when Henkel Consumer Ad- 

hesives Inc. needed to re- 

: =a place its warehouse manage- | 

ment system, the company chose a for- 
ward-thinking vendor that was plan- | 
ning to use radio frequency identifica- 
tion, or RFID, which was then, as now, 
being touted as the “next great thing” 
in supply chain automation. 


OPINION 


Taming the Wild, Wild West 


Barbara Gomolski predicts a flood of 
IT project requests from business 
units in 2004, and she offers tips on 
how to figure out when to say yes 
and when to say no. Page 46 


Little did executives at Avon, Ohio- 
based Henkel know that just a year lat- 
er, thanks to a mandate that Wal-Mart 
Stores Inc. issued to its top 100 suppli- 
ers, they would be planning a pilot 
based on this costly and still problem- 
atic technology, with the intention of 
going live by January 2005. 

RFID is forecast to be a $3 billion 
market within five years as this sophis- 
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| ticated tracking technology gradually 


begins replacing its cheaper but less 
powerful predecessor, the bar code. 
Compared with bar codes, RFID tags 


| store more information about the 
| products or containers they’re placed 


on. And they don’t require manual 
scanning — RFID readers capture data 


| automatically when tagged items or 


containers are within a certain range. 

On a receiving dock an entire pallet 
could be read all at once, increasing 
productivity, reducing labor costs and 
eliminating human error. Or 
an RFID tag could tell work- 
ers where to place contain- 
ers coming into a warehouse. C 

When the data is shared 
among retailers and manu- 
facturers, it enables real- 
time tracking of goods, re- 
sulting in unprecedented visibility into 
the supply chain, thus reducing shrink- 
age, idle inventory and out-of-stock 
items. Fast-selling items can be replen- 
ished more quickly, increasing revenue 
for both suppliers and retailers. 

Large retailers such as Benetton and 
Marks & Spencer claim returns on their 
RFID investments, and Wal-Mart pre- 
dicts 10% to 20% improvements in labor 
efficiencies in its distribution centers. 


Smart [4 


RFID technology 


is hot, but the costs and complexity mean 
that ROI for eke rs is along way off. 


! T KNOWLEDGE | 


| you have to do it,” 


12.15.03 


Manufacturers are using sophisti- 
cated software that analyzes 
customer profitability 
provide better service to high-profit 
customers and charge higher prices 
for low-profit orders. Page 42 


so they can 


However, the vast majority of sup- 
pliers will take at least two years to see 
any return from their RFID implemen- 
tations, observers say. In fact, if the 
Wal-Mart mandate hadn’t occurred, 
analysts say RFID would likely have 
followed an adoption and maturation 
cycle similar to that of bar codes, 
which took at least a decade to achieve 
widespread adoption. 

AMR Research Inc. in Boston esti- 
mates that suppliers will spend $10 mil- 
lion to $20 million each to meet Wal- 
Mart’s mandate, including 
hardware, engineering ser- 
vices and integration with 

i existing software. ARC Ad- 

visory Group Inc. in Ded- 
ham, Mass., puts the cost at 
$250 million. Either way, 
wel “it’s clear that the payback 
will be far longer than two years,” says 
Steve Banker, service director of sup- 
ply chain management at ARC. 

Indeed, although Henkel anticipates 

great benefits — including reduced in- 


| ventory, better manufacturing plan- 


ning, reduced cycle time and, ultimate- 
ly, higher sales, “we might have moved 
at a different pace” if it weren't for 
Wal-Mart, acknowledges Gene E. 


| Obrock, vice president of operations at 


Henkel, best known for its Duck brand 


| of duct tape. An ROI model, Obrock 


says, isn’t even relevant at this point. 
“The technology is so new that even if 
we set up an ROI analysis today, in a 


| year we'd be developing a whole new 


ROI model and still revisiting it fre- 
quently,” he says. 

“If you’re being forced to do it, then 
concurs Barry Ma- 
son, an analyst at Nucleus Research 
Inc. “Others — while they should take 
this technology seriously — need to 
take a wait-and-see approach.” 


| Overcoming Complexity 


|} One way to lower costs is to delay bulk 


tag purchasing until prices drop, which 
many, including Obrock, see as in- 
evitable, particularly with the billions 


| of tags Wal-Mart’s suppliers will de- 
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mand. With tags costing 30 cents on 
average, only certain products — 
watches, DVDs, CDs, for instance 
would be worth tagging. 

According to Gartner Inc., the cost 
of tags will have to fall to 10 cents each 
before the price is right for pallet- and 
container-level tagging, and it will 
have to hit 5 cents for item-level tag- 
ging to be affordable. Some observers 
predict 5-cent tags by 2006, but others 
say that’s optimistic. 

But tag costs are only the beginning. 
Consider if a supplier simply complied 
with Wal-Mart’s mandate — what 
some call the “slap and ship” model. In 
this approach, suppliers would tag 
containers right before they leave the 
warehouse, not when they come off the 
manufacturing line. This means that 
when a truck arrives at the warehouse, 
the containers destined for Wal-Mart 
need to be segregated, sent to special 
tag-printing stations and placed on 
separate pallets. “You're rearranging 
the warehouse to accommodate this — 
how much will that cost?” Banker says. 

Furthermore, older warehouse man- 
agement systems will have to be cus- 
tomized, which can cost $50,000 or 
more. Special middleware will need to 
be added to accept, sort and translate 
the new RFID data for the warehouse 
management system and to process ad- 
vance shipping notices in a new for- 
mat. “Believe it or not, this is the cheap 
path,” Banker says. 

The other approach is to push RFID 
further back into the manufacturing 
process, tagging containers before they 
reach the warehouse or even request- 
ing your own suppliers to adopt RFID. 
This way, suppliers can reduce labor 
costs at the receiving dock and speed 
shipping processes. But it’s question- 
able whether this offers a compelling 


GRADUAL ADOPTION OF RFID will fol- 
low a four-level road map, says John 
Fontanella, an analyst at AMR Research. 

@ Level 1 includes discrete RFID applica- 
tions like those being piloted at some large 
retailers and their suppliers. 

® At Level 2, RFID is applied to two or 
more units within a company. For example, 
a large aerospace manufacturer used RFID 
tags to monitor the flow of material from 
receiving to its production line. 

® At Level 3, companies coordinate RFID- 
enabled processes with a limited number of 
supply chain participants. For example, a 
packaging manufacturer was unable to do 
vendor-managed inventory in a traditional 
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ROI for many suppliers, which — un- 
like retailers -- may already operate at 
high levels of inventory accuracy. “If 
they’re at 99% efficiency now, and 
RFID brings them to 99.5%, that in no 
way offsets costs,” says John Fontan- 
ella, vice president at AMR. 

Wal-Mart itself is encouraging sup- 
pliers to do more than slap and ship. 
“You have to capture the information 
and put it back into the system to make 
better decisions,” Obrock says. “If you 
do it any other way, you’re short-cut- 
ting your ability to generate savings.” 

Of course, this adds more integra- 
tion costs and requires a re-engineer- 
ing of business processes — still with 
no short-term ROI. For Henkel, figur- 
ing out how to do that will likely take 
the better part of six months. “We'll be 
looking at where the technology fits, 
what applications we want to take ad- 
vantage of, what procedural changes 
we'll need to make and what those 
changes mean in terms of cost sav- 
ings,” Obrock says. 


| Where RFID Works Best 


Still Fontanella and others say there’s a 
way to both comply with Wal-Mart 
and achieve shorter-term payback. It 
involves looking within your company 
and defining a discrete process that 
could benefit from RFID automation. 
Fontanella suggests considering an 
area where process discipline is very 
important yet difficult to achieve man- 
ually. For example, International Paper 
Co., had problems reading bar codes 
on its massive rolls of paper when the 
rolls were stacked deeply. In addition, 
when rolls were cut to fill an order, the 
bar code was sometimes cut with 
them, leaving partial rolls with no indi- 
cation of their grade or the amount 
left. Stamford, Conn.-based Interna- 


way and therefore installed RFID readers at 
customer sites to monitor consumption of 
its products. 

® At Level 4, RFID is used by virtually all 
supply chain participants throughout an in- 
dustry, which is what Wal-Mart is attempting 
to bring about. 

As Fontanella sees it, “such a vision is well 
beyond the capabilities of current technolo- 
gy. Instead of a natural evolution of 20 to 25 
years, Wal-Mart is making it five years.” In- 
deed, within one year's time, Henkel will at- 
tempt to push RFID into its own manufactur- 
ing sites and out to one or two suppliers, in 
addition to complying with Wal-Mart. 

~- Mary Brande! 





Nucleus Research surveyed represen- 
tatives from 22 manufacturing com- 
panies that use supply chain manage- 
ment systems. 


™ 18% said they use RFID. 


® 12% said they have plans to 
implement RFID in the near future. 


® 70% said they have no plans to im 
plement RFID in the next six months. 


® 69% of those that aren’t using 
RFID said the cost needs to come 
OMe RU MOU Rea 


SSO BU RUE Um arcing 
cited investments in optical scanners 
and bar code readers as the primary 
Ree My mms CLL 


PL recs ces TB Cs] 
have customers using RFID, and 27% 
said they have suppliers using it. 


tional Paper inserted RFID tags deep 
within the rolls, thus increasing inven- 
tory accuracy, eliminating waste, re- 


| ducing operating costs and decreasing 


inventory levels. 

Sometimes the environment itself 
calls for RFID. International Paper’s 
warehouse, for instance, is very dusty, 
making bar-code reading difficult. 

There are other rules of thumb to 
consider when looking for processes 
that would benefit from RFID. For one 
thing, experts advise looking for activi- 


| ties that involve a lot of manual labor 


— if you have 500 employees using bar 


| code readers to scan tens of thousands 


of packages each day, for example. 
Another possibility is order-picking. 


| “If a shipper needs to pick three of one 


product, eight of another and 10 of an- 
other and put it on a pallet, witha 
reader mounted right on the equip- 


| ment as the person is filling the order, 


it can ensure the person isn’t counting 
wrong,” Mason says. 

Large or high-value goods are also 
good candidates for RFID tracking be- 
cause they yield better ROI than low- 
value goods, since the per-tag cost is 
less of an issue. Plus, Banker points out 
that better asset management helps re- 
duce theft. 

And one way to track high-value 
goods is by their containers. TrenStar, 
a mobile asset management firm that 
uses RFID to help companies such as 
beer distributors in the U.K. track their 
containers as they move through the 
supply chain, chooses to use RFID 
when the container itself is valuable. 
“It’s more worthwhile to track a con- 
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tainer that costs $1,200 than a card- 
board box,” says David Adams, senior 
vice president of corporate strategy at 
the Englewood, Colo.-based company. 
TrenStar claims to have decreased cy- 
cle time for beer distributors and cut 
keg loss by two-thirds. 

And low-cost goods can have high 
value when they hold a key place ina 
manufacturing process, Adams points 
out. For instance, a container of 39- 
cent spark plugs might cost $4, but if 
the part doesn’t arrive at the right 
point in the manufacturing process, “it 
could shut down the whole plant,” he 
says. TrenStar has been conducting a 
pilot at Kraft Foods Inc. in which it 
manages the process of sending stain- 
less steel containers to Kraft suppliers 
to fill with processed fruit for yogurt. 
Because the containers are tagged, 
Kraft can look on a TrenStar Web to 
learn where the containers are and 
when they will arrive at its plant. With 
this information, Kraft can plan pro- 
duction runs more accurately. 

Some of these applications may call 
for more expensive and more mature 
RFID technology, such as active tags or 
those with proprietary standards — not 
the passive tags Wal-Mart is mandating. 


Unexpected Benefits 
Despite the long-term ROI, as suppli- 
ers experiment with RFID, Fontanella 
believes innovative uses of the tech- 
nology will emerge. Indeed ROI can 
come from unexpected places. Adams 
points out that because his beer-brew- 
ing clients were able to produce audit 
trails of where their kegs had been, 
they were able to receive a tax credit 
for the ullage, or waste beer at the bot- 
tom of the empty keg. 

And in the end, companies like 
Henkel say they are glad to be invest- 
ing in innovative technology now. 
“Why not challenge ourselves by get- 
ting on the front end of this thing, 
while people are still sharing informa- 
tion?” Obrock says. “A year or two 
from now, companies that have per- 
fected their use of RFID technology 
won't be talking about it — they’ll be 
using it for competitive advantage, and 
those that aren’t on board will be ex- 
perimenting in the dark.” @ 43198 
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RELIABILITY ISSUES 


Getting RFID tags, antennas and readers to all work 
together in your environment requires trial and error. 
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Offshore 
Dilemm 


Sending technical support overseas is 
attractive, but it could expose production 
systems to new risks. By Patrick Thibodeau 


MANAGERS have gotten very 
comfortable moving applica- 
tion development and main- 
tenance to offshore providers. 
And offshore outsourcing of 
business processes, such as claims 
processing, is growing rapidly, too. But 
one area of outsourcing that hasn’t 
caught on yet is offshore technical sup- 
port for IT systems and infrastructure. 

Simply put, the jobs of technical sup- 
port personnel and systems adminis- 
trators who work on real-time IT ap- 
plications could be done remotely over 
a network connection to the system. 

For example, if a problem arises with 
a CRM application, the trou- 
bleshooting and repair could 
be performed by workers in WATCH 
India. Server capacity man- 
agement, network management and 
database and firewall administration 
are all functions that could be handled 
offshore. 

But today, offshore support for pro- 
duction IT systems is a niche market, 
and because it’s new, best practices 
haven’t emerged. Users are cautious, 
given that this type of outsourcing in- 
volves access to mission-critical pro- 
duction systems and raises new con- 
cerns about issues such as security, 
privacy and intellectual property pro- 
tection. Plus, once a company decides 
to shift its application and systems 
support to an overseas vendor, it will 
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lose in-house expertise in those skills. 
Infrastructure outsourcing is “a 

long-term decision — it’s not easy to 

take it back,” says G.K. Prasanna, who 

manages infrastructure services at 

Bangalore, India-based Wipro Ltd., 

a major overseas outsourcer. 


Developing Best Practices 


The financial services industry, which 
has been aggressive about using off- 
shore IT services, recently began an 
effort through the Financial Services 
Technology Consortium (FSTC) in 
New York to develop a set of best prac- 
tices for moving production and infra- 
structure support offshore. 

Outsourcing application de- 
velopment is “fairly easy — 
there is no access into produc- 
tion systems,” says Jim Salters, director 
of technology initiatives and project 
development at the FSTC. Faced with 
the new challenges of outsourcing 
technical support, the FSTC is devel- 
oping an implementation playbook and 
hopes to have an initial version com- 
pleted before the new year. 

Stan Lepeak, an analyst at Meta 
Group Inc., says it’s always a good idea 
for end users to band together to de- 
velop best practices, though he won- 
ders how much information the com- 
peting financial services firms will be 
willing to share with one another. 

Guidelines that make companies 





more comfortable with outsourcing 
technical support could help increase 
the use of offshore IT services. But the 
complexities uncovered by the FSTC’s 
effort could also have the opposite ef- 
fect and slow down the market. “It 
could lead them to the conclusion that 
this is a three- to five- to seven-year 
initiative” just to come up with the 
best practices, Lepeak says. 


Standardizing Processes 


- . : : | 
Financial services firms are supporting | 


the FSTC effort because without some 
kind of industry standards, “each bank 
ends up inventing their own process- 
es,” says an IT official at a major bank 
who asked not to be identified. 


The FSTC is looking at issues like how | 


to protect confidential data — such as 
trade secrets and customer informa- 
tion — from being disclosed or stolen 
by competitors, the outsourcing con- 
tractor or the contractor’s employees. 

Legal experts say the only way users 
can ensure that their interests are pro- 
tected is to take nothing for granted. 
Penetration testing of a vendor’s secu- 
rity processes and detailed background 
checks on employees will be needed. 

The Federal Deposit Insurance 
Corp., for instance, prohibits financial 
services firms from hiring people with 
certain types of criminal convictions, 
and those restrictions also apply to 
people managing the systems of FDIC- 
insured banks overseas. 

Some offshore providers, in an effort 
to reassure U.S. firms about their secu- 
rity standards, set strict rules about 
what their employees can bring into 
work, prohibiting them from carrying 
in laptops, handhelds and cell phones 
— anything that can be used to steal a 
company’s intellectual property. 

Advances in another IT arena may 
help make offshore outsourcing of 
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technical support more feasible. Priva- 
cy laws have spurred the development 
of data-masking technologies that can 
disguise customers’ personal data. 
These technologies can also protect 
data handled by offshore contractors. 
“Once I do that [data masking], I’ve 
opened the door to make it easier to go 
offshore,” the bank IT official says. 

Outsourcing parties also need to 
find ways to prevent trade secrets from 
falling into the hands of competitors. 
That could mean prohibiting an out- 
sourcer from working with competi- 
tors or finding methods to segregate 
the work, said Marina Gracias, deputy 
general counsel at Providian Bancorp 
Services in San Francisco, at a recent 
conference. Another step is to prohibit 
an outsourcer’s employees from seek- 
ing work with a competing company 
for a period of time, she said. 

Infrastructure outsourcing is possi- 
ble only because of the growing relia- 
bility of global networks, which make 
it possible for systems to be managed 
remotely over vast distances. While 
the telecommunications infrastructure 
is improving in many low-wage coun- 
tries, it’s far from perfect, and out- 
sourcing experts say it could remain 
a hurdle for some companies in man- 
aging real-time systems. 

But as long as a financial case can be 
made for moving relatively routine 
jobs offshore, the pressure on compa- 
nies to take that step will be huge. 

Mark Mayo, a partner at TPI, an out- 
sourcing consultancy in The Wood- 
lands, Texas, says 40% of the outsourc- 
ing deals TPI has been involved in this 
year have included some offshore com- 
ponent. Mayo says that may increase to 
60% next year, adding that the out- 
sourcing of infrastructure support will 
be one of the reasons for this growth. 
© 42280 
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HINK OF CRM, and you tend 
to think of retailers, banks 
and call centers serving 
mass-market consumers. 
But CRM software is quiet- 
ly being used in the indus- 
trial heartland, too, to bet- 
ter manage sales of products ranging 
from steel plates to factory controls. 

Manufacturers are beginning to take 
advantage of CRM data systems to fine- 
tune their factory forecasts and identify 
their most profitable products and cus- 
tomers. Then they can improve service 
to those customers — for example, by 
providing what essentially is an “ex- 
press lane,” or preferred status on the 
assembly line, for high-profit orders. 

Smokestack industries are even us- 
ing buffed-up CRM systems to justify 
higher prices for low-profit orders. So- 
phisticated tools that analyze customer 
profitability can highlight so-called 
free riders, or customers and products 
that generate a disproportionately 
small return, says Steve Banker, an ana- 
lyst at Automation Research Corp. in 
Dedham, Mass. 

CRM analysis sometimes yields sur- 
prises and upsets long-held planning 
assumptions, Banker notes. For exam- 
ple, a high-margin account could lose 
its preferred status if analysis reveals 
that the customer has costly handling 
or service requirements. Likewise, cus- 
tom features or unforgiving delivery 
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Manufacturers like U.S. Steel are reaping ben- 
efits from CRM software, such as increased 
cash flow, better service for highly profitable 
customers and more accurate forecasting. 


deadlines that disrupt production or 
shipping schedules might diminish the 
appeal and profitability of a once high- 
ly regarded customer. 

The payoff from exploiting this kind 
of data can be huge: U.S. Steel Corp. of- 
ficials say the company increased its 
annual cash flow by several million 
dollars soon after installing analytic 
CRM software from San Rafael, Calif.- 
based Maxager Technology Inc. 

In fact, CRM initiatives at some in- 
dustrial companies — including Daim- 
lerChrysler AG, Ondeo Nalco Co. and 


Heavy industries are using CRM data to speed up 
the assembly line for high-profit customers and charge 
higher prices for low-profit orders. By Ira Breskin 
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Taiwan Semiconductor Manufacturing 
Co. — produce such important insights 
that they’re considered too proprietary 
to discuss publicly, for fear of tipping 
off competitors. 

Invensys PLC, a conglomerate that 
makes a full range of industrial con- 
trols, has begun using CRM data about 
customer ordering patterns to better 
forecast production and fine-tune 
scheduling at its factories, says global 
best practices program manager Deb 
Kumpf, who works at the company’s 
U.S. headquarters in Foxboro, Mass. 

“A major benefit has been to better 
forecast what our business is going to 
be and [then] transfer that information 
to production,” Kumpf says. 

Invensys uses heavily customized 
Baan CRM software, which is based on 
applications Baan acquired when it 
purchased CRM vendor Aurum in May 
1997. (The selection isn’t too surprising: 
Invensys purchased Baan in August 
2000 and then sold it in June of this 
year to SSA Global Technologies Inc.) 

Invensys factories use CRM data to 
more accurately forecast needs for raw 
materials six months out. Forecasts are 
updated either weekly or monthly. Pre- 
cision is important because Invensys’ 
production is done on a just-in-time 
basis; work is scheduled to coincide 
with customer-specified delivery dates, 
and the company holds minimal fin- 
ished-goods inventory. 

Invensys also uses CRM to make sure 
it evaluates the profitability and risks 
associated with major contract bids, to 
avoid too many low-profit or high-risk 
bids. “The goal is to make the sales 
process more consistent,” Kumpf says. 

And, like other CRM adopters, Inven- 
sys uses the system to identify cross- 
selling opportunities. For example, a 
factory controls customer would be a 
candidate for a maiztenance contract. It 
would represent a low risk for Invensys 
because the vendor would be familiar 
with the reliability of the customer’s 
system, since it built much of the hard- 
ware and provided the control software. 

“We're trying to leverage actual sales 
data to sell as much and as many dif- 
ferent Invensys products as possible,” 
Kumpf explains. “It’s really opportuni- 
ty management.” 


‘Contracting Smarter’ 

US. Steel’s activity-based costing soft- 
ware measures the cash generated by 
each product, customer and market, 
which can help to maximize cash flow, 
says Vas Shapkaroff, a financial analy- 
sis manager at one of the company’s 
primary production facilities, in Gary, 
Ind. U.S. Steel uses this data to try to 
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convince production managers and its 
150-member sales force to focus on 
maximizing cash generation and, ulti- 
mately, profit, not simply revenue. 

In fact, U.S. Steel now is “contracting 
smarter” by accepting only short-term 
orders that take three to six months for 
low-profit products, Shapkaroff said 
during a recent presentation in Boston. 
This frees production capacity for high- 
er-return business, should it be needed. 

Companies can also share the cost- 
based analysis with a less-profitable 
customer and give that customer a 
chance to modify the product design or 
production requirements to cut costs 
— or face higher prices. Often, even 
modest design changes will dramatical- 
ly cut costs and improve profitability. 

Another option is to ask the high-cost 
customer to accept a product at anoth- 
er, perhaps less-specific time when de- 
mand is lower and production capacity 
is available, Automation Research’s 
Banker says. 

This sort of customer profitability 
analysis is all the rage in the financial 
services industry, according to recent 
reports by Gartner Inc., but it’s hap- 
pening — quietly — in the Rust Belt, 
too. @43064 





Breskin is a freelancer writer in 
Great Neck, N.Y. 
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1. Automatic overview of operation. 


2. Automatic shipping of sale. 
3. Automatic identity verification. 
4. Automatic updating of inventory. 


5. Automatic tracking of delivery. 
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MIDDLEWARE IS IBM SOFTWARE. = software 
like Tivoli? DB2®° and WebSphere? Open I 2-glass 
technology that can automate it all — IBM, Microsoft? Oracle 
Sun. Problems are foreseen and solved before CCL 

IT resources are directed to core business nee S are 
significantly reduced. it's automation. On demand. And it's 
what keeps companies and customers happy. Very happy: 
@business on demand”™at ibm.com/software/automate 
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Unintended 


BIAS 





Research shows that well-meaning 
managers aren't quite as unbiased and 
ethical as they think they are. 





As an IT manager, 
you may not be 
as ethical as you 
think you are, says 
Mahzarin R. Banaji, 
a professor of so- 
cial ethics at Har- 
vard University. 
In the December 
issue of Harvard 
Business Review, 
she and co-authors 
Max H. Bazerman 
and Dolly Chugh 
write that most managers are burdened 


with unconscious biases that often result | 


in unintentionally unethical decisions. 
Banaji discussed these biases with Kath- 
leen Melymuka and offered suggestions 
for minimizing their impact. 


You say most managers aren't as ethical as 
they think they are. Why not? Most people 
are not as ethical as they think they are 
because there are constraints on ethics 
that are not visible to the conscious 
mind, and even if they are, may not be 
easily controlled. All behavior, includ- 
ing behavior that has ethical implica- 
tions, can be guided by thoughts and 
feelings that reside in unconscious 
form. Managers are no different, ex- 
cept that their attitudes and behavior 
have greater impact on others because 
of their role. 


You talk about a number of sources of un- 
intentionally unethical decision-making. 
Let’s start with implicit prejudice. Can you 
give me an example in an IT setting? An 
implicit bias that may flourish in an IT 
setting may concern gender. If the as- 
sociation is that men are better at IT 





than women are, that may lead to men 
being selected for such positions more 
often than women, being given posi- 
tions of higher responsibility and re- 


tained with greater confidence. 


Yet you say implicit prejudice is rooted in the 
fundamental mechanics of thought. Can you 
explain? I refer to the type of bias we 
study as “ordinary prejudice” to distin- 
guish it from conscious bias. It’s ordi- 


| nary in two ways. First, prejudice — 


seemingly a thing of the heart — is 
rooted in the fundamental mental 
mechanisms of perceiving, categoriz- 
ing and remembering. To categorize, 
for example, is a basic skill without 
which we could not tell apart things 
that belong to different families — 


| say apples and oranges. To be able 


to do this is central to thinking. And 
this mechanism is involved in seeing 
that people belong to different social 
groups — male and female, young and 


| old, rich and poor, etc. It is in this 


sense that I say that prejudice has its 
origins or roots in the ordinary me- 
chanics of thought. The second sense 


| in which I might use the term ordinary 


is related. If [implicit prejudice] is 
rooted in the fundamental mechanics 
of thought, then it should be visible in 
all of us, not just a minority that may 


| also be consciously biased. 


Another source of bad decisions is in-group 
favoritism. What’s wrong with putting in a 
good word for a friend? It’s not that 
putting in a good word for a friend is 
wrong; it’s the simultaneous lack of 
putting in a good word for others that 
makes the playing field unequal. It’s 
the relatively greater access to eco- 





nomic and social benefits that accrue 
from unequal in-group favoritism that 
makes in-group favoritism problem- 
atic. If this attribute of being recom- 
mended were equally distributed such 
that all people equally got recommend- 
ed by all others, we would have noth- 
ing to say here. It is because this bene- 
fit of being recommended is very 
much a function of where in society 
one sits that the simple act of recom- 
mending becomes discriminatory. 


You also say people subconsciously give 
themselves too much credit. What's the dan- 
ger of that in an IT setting? To the extent 
that much of IT work is collaborative, 
ie., teams of people working together, 
taking more credit for work than is 
correct can cause [other team mem- 
bers to feel] disaffection and a sense of 
being unrecognized. 


Finally, there’s conflict of interest. That 
seems pretty unethical. How can it be unin- 
tentiona!? We are not speaking about 
intentional conflict of interest, that is, 
where people explicitly use the power 
they have in one context to gain favor 
in another. We are instead concerned 
about conflict of interest that may oc- 
cur more subtly, for example, where a 
person stands to gain because of the 


You can begin to deal with your own 
hidden biases by discovering them at 
www.implicit.harvard.edu and 
www.tolerance.org/hidden_bias. 





www.computerworld.com 


Subtle Sources of Bias 


© Bias that 
emerges from unconscious beliefs 


= 
Bias that favors your group 
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Bias that favors you 


* f t Bias that 
favors those who can benefit you 


more distant affiliations that play a 
role in who does favors for whom. 
Here, identifying situations that may 
lead to conflict of interest, even though 
they are “required” to be treated that 
way, is the progressive way to think. 


How can an IT manager deal with these 
ethical lapses if he’s not even conscious of 
them? Act affirmatively [to combat dis- 
crimination], not because the group 
has been wronged in the past, but 
because the harm from implicit bias 
is a thing of the present. We also 

say some more specific things about 
shaping one’s conscious attitudes — 
that can trickle down to the implicit 
level with practice — and shaping the 
environment. 


Can you explain and give me some advice on 
the strategy of shaping an IT environment? 
A diverse workforce does this in the 
most obvious way. It allows daily asso- 
ciations of good and bad to be made to 
many different types of people, blur- 
ring the simple association of only one 
type of association with a group. If 
Firm A has 20 Asian women and Firm 
B has two, the employees of Firm A 
have a higher likelihood of stereotypes 
of Asian women being disconfirmed. 


Ultimately, you say, “vigilance even more 
than intention is a defining characteristic of 
the ethical manager.” What do you mean by 
that? Good intentions don’t always pro- 
tect us. Vigilance is an effective way to 
begin the process of change. @ 43087 


Melymuka is a Computerworld con- 
tributing writer. She can be contacted 
at kmelymuka@yahoo.com. 


This is the latest in a series of monthly discus- 
sions with Harvard Business Review authors 
on topics of interest to IT managers. 





Middleware is Everywhere. | Can you see it? 











7 


MIDDLEWARE IS IBM SOFTWARE. Software 


1. Verifies insurance on the spot. 

2. Files digital claim in an instant. 

3. Approves estimate at the site. 

4. Orders new bumper at the scene. increases, productivity soars and knowledge bec 5 power 


5. Receives settlement in a snap. @business on demand” Go to ibm.com/db2/middieware 
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IT Budgets to Stay 
Tight in 2004 


“Doing more with less” continues 
to be a strong IT strategy among 
ClOs for next year, according to a 
Merrill Lynch & Co. report pub- 
lished this month. A survey of 100 
ClOs in the U.S. and Europe shows 
that, on average, budgets are being 
reviewed quarterly to retain some 
spending flexibility. Other survey 
highlights include the following: 

@ Demand for outsourcing is 
strong, and 70% of ClOs are satis- 
fied with their offshore experiences. 

@ ClOs are more likely to hold 
back software spending because 
they’re skeptical of vendors’ claims 
than because of fear that the soft- 
ware will become shelfware. 

® Spending on storage will in- 
crease, with EMC Corp. and IBM 
gaining the most market share. 

@ Fewer than 10% of CiOs have 
hired IBM to transform processes 
using its e-business on demand, 
even though about 33% say they 
have talked with IBM about the 
new technology. 


Eli Lilly Promotes 
IT Executives 


Roy Dunbar, CIO at Eli Lilly and Co., 
has been promoted to president of 
intercontinental operations. He 
joined Indianapolis-based Lilly in 
1990 and has held various manage- 
ment positions. Mike Heim, who has 
been Lilly's chief technology officer 
since 2000, will take Dunbar’s 
place as CIO. Heim started at Lilly as 
a systems analyst and has held key 
IT positions supporting R&D, manu- 
facturing, sales and marketing. 


Gartner to Cut 200 


Gartner Inc. plans to cut about 200 
of its 3,800 global workforce in ar- 
eas of consulting that the research 
and advisory firm sees as lagging. 
In turn, Gartner plans to hire 50 
people for positions in outsourcing, 
IT and federal government opera- 
tions. The company will take a $28 
million to $32 million charge relat- 
ed to the layoffs in the fourth and 
first quarters. The company’s total 
revenue in 2002 was $888 million. 
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BARBARA GOMOLSKI 


URING THE PAST FEW YEARS, the eco- 
nomic downturn has forced IT depart- 
ments to look closely at costs and effi- 
ciency. Now, the economic recovery is 
casting another spotlight on IT, and this 
one is focused on prioritizing IT investments. As orga- 
nizations slowly boost their investments in new appli- 
cations, it’s clear that many companies need to recon- 
sider the way they set IT priorities. Simply put, it’s still 
the Wild, Wild West in many organizations when it 


comes to allocating IT 
resources. 

Most companies have al- 
ready learned the hard way 
that the IT organization 
shouldn’t — by itself — de- 
termine which new IT initia- 
tives get tabled and which get 
started. However, there’s still 
a lot of confusion about how 
IT priorities should be set, 
who gets to vote and how 
those votes should be tallied. 

This issue will become even 
more visible as companies 
begin to increase their dis- 
cretionary IT investments in the 
coming year. 

A lot of organizations have steering 
committees that include C-level exec- 
utives. However, these groups are real- 
ly in a position to weigh only corpo- 
ratewide IT initiatives, and even a 
highly functioning IT steering com- 
mittee can’t bear the total burden of 
prioritizing all IT investments. 

There is no right or wrong way to 
determine where to put new IT dol- 
lars. Sometimes IT priorities are 
driven by technology life cycles and 
business developments. For example, 
if an unreliable legacy system is cost- 
ing the company millions, chances are 
it'll be a top candidate for replace- 
ment. Or, if your company buys a com- 





petitor, you can bet that 
much of your company’s dis- 
cretionary IT spending will 
be tied up in the effort to 
integrate systems. 

It gets trickier, however, 
when a company is chugging 
along with no obvious IT 
priorities. In this case (and 
particularly after several 
years of little or no invest- 
ment in new IT initiatives), 
business units will come up 
with creative ways to con- 
sume IT dollars. Indeed, 
many companies will face a 

flood of new IT proposals in 2004, as 
IT-starved business managers seek to 
meet their objectives using technolo- 
gy. So, if it comes down to enhancing 
the CRM system or Web-enabling the 
supply chain, which do you do? 

IT priorities vary from company to 
company, of course, but best practices 
for choosing them are more consistent 
across businesses. Firms that are good 
at picking IT priorities play by the fol- 
lowing ground rules: 

@ Acknowledge that the IT organization, 
the business units and the finance depart- 
ment must all be involved in determining IT 
priorities. IT investment decisions can’t 
be thoroughly weighed unless all three 
parties are represented, because each 
group brings unique knowledge to the 





the Wild, 
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decision-making process. The finance 
folks are in the best position to weigh 
the financial assumptions in the proj- 
ect plans. The business unit heads are 
the most familiar with the business 
processes and how the application of 
IT can improve those processes. IT, of 
course, is in the best position to judge 
the feasibility of using IT to accom- 
plish the business goal. 

@ Evaluate IT priorities using a standard 
set of criteria. Whether you choose net 
present value, return on investment 
or some other financial payback calcu- 
lation, do it consistently across all 
proposed projects. Continue the stan- 
dardization by weighing IT priorities 
against a common set of business 
objectives. 

@ Recognize that tools won’t fix bad 
processes. There’s a hot class of soft- 
ware, called application portfolio man- 
agement, that can automate the track- 
ing of IT priorities. While many of 
these packages have rich features and 
good underlying methodologies, the 
tools won’t cure bad decision-making 
processes. Put another way, if your 
company is dysfunctional when it 
comes to setting IT priorities, an 
application portfolio management 
tool won’t fix that. 

@ Understand that there will always be ex- 
ceptions to the rule. In spite of compa- 
nies’ best efforts to come up with an 
equitable and logical way to prioritize 
IT investments, the world remains an 
unfair place. Certain groups and key 
individuals will carry more clout and 
will swoop in and hijack IT resources, 
even if their projects aren’t first on the 
list of corporate IT priorities. That’s 
never going to change. The goal is to 
make that kind of situation the excep- 
tion and not the rule. @ 42986 
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Engineering Specialist. Consult 
with advise customers’ project 
team during startup to determine 
s/ware & systms specs, usage & 
setup. Analyze & handle practi- 
cal issues & dsgn, dvip & plan 
workshops relating to usage of 
comp systms/prgms. Define/ 
plan startup activities for cus- 
tomers’ project technical team. 
Analyze faults/recommend 
s/ware & systm modifications. 
120-160 days travel required per 
year. Req.: Bach degree or for- 
eign equiv. in Comp Sci or Engg 
2 yrs. exp. in job offd or as Comp 
or Electronics Engr. Working 
knowl through academic 
coursework or exp, of C prgmg 
UNIX, network communication & 
distributed transaction based 
systms. 2 yrs. exp. in the follow- 
ing, which may have been 
obtained concurrently: project 
mgmt, tech analysis, installation 
troubleshooting, systm testing & 
creating practical solutions; cus- 
tomer support & conducting 
structured customer training 
documentation-dsgn & cre- 
Jation/maintenance of product 
spec & user manuals; & logical 
dsgn & testing of complex inte- 
grated systms. Resume: Mr. 
Shane O'Toole, CCI Europe 
Inc., 1701 Barrett Lakes Bivd 
Ste. 380, Kennesaw, GA 30144 


Programmer 

4D software application devel- 
opment by using OpenGL, VB 
VC++, Java, Java Swing, FOR- 
TRAN, C, OOA/OOD, OO 
Programming, UML, Rational 
Rose, Database programming, 
Access, SQL, GU! design, GIS 
Windows and Unix system. M.S 
in CS or rel. & 2 yrs. of exp. in 
above pos. or rel. with abil. to 
use 3D plant design application 
OpenGL, VB, VC++, Java, Java 
Swing, FORTRAN, C, OOA/ 
OOD, OO Programming, UML, 
Rational Rose, Database pro- 
gramming, SQL, Access, GUI 
design, Visual SourceSafe, GIS 
Installshield Prof., Instaliscript, 
Primavera Suretrak, VMware 
Workstation, Windows and Unix 
system. 40.0 hr/wk. 9-5. Send 
resume tc: Amadeus Burger, 
Pres., Construction Systems 
Associates, Inc., 425 Franklin 
Road, Ste. 520, Marietta, GA 
30067 


Corpus has multiple openings 
for IT professionals. Following 
skills preferred: Oracle, SQL, 
PL/SQL, COBOL, C/C++, VB. 
SAP, Java, XML, ERP, ASP, NT, 
XSL. Minimum BS degree 
Traveling is required for some 
positions. Please send resumes 
to resumes@corpusinc.com 
EOE 


Argent LLC is looking for pro- 
grammer/system analyst, soft- 
ware/project engineers. Duties 
include software & system appli- 
cation design. Skills in C/C++ 
Java, PL/SQL, Oracle are plus. 
Travel required for some posi- 
tions. Degree is a musi. Contact 
achauhan@argentinforech.com. 
EOE 


PROGRAMMER’ ANALYSTS 
req'd for Naperville,IL office 
Develop software applications 
using C, C++, VB, Delphi, ASP, 
XML UML, Cooigen 
Interwoven, Oracle, PL/SQL 
Developer 2900 & Designer 
2000. Bachelors req'd in 
Computers, Engineering, Math 
or related field of study +1 yr of 


related exp. 40 hrs/wk. Must] 


have legal authority to work per- 
manently in the U.S. Send 
resume to HR _ Manager, 
Sapphire Technology Solutions, 
Inc., 2727 Walsh Av. Ste # 207, 
Santa Clara, CA-95051 
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Software Developer | - Business 
Tier: Perform product design, 
bug verification and beta support 
in a J2EE environment using 
Java, JOBC, EJB, RMI, SQL and 
UML. Develop business compo- 
nents using design patterns 
Conduct systems analysis and 
product development throughout 
the full development life cycle 
B.S. in CS, Information Science 
EE or related. Must have the 
ability to use Java, JDBC, EJB. 
RMI, SQL, UML and design pat- 
terns. M.S. accepted in lieu of 
B.S. 40 hrs/week, 9am-5pm 
Positions available: multiple 
Resume to: Mr. Vichael Fleming 
Vice President of Engineering 
EPL Inc., 22 Inverness Center 
Parkway, Suite 400 
Birmingham AL 35242 
jobs@epI.net 


JAVA Developer: Implement and 
document J2EE software using 
knowledge of EJB, JMS, JNDI 
JTA and SOAP. Resolve issues 
with specs and integrate items 
using knowledge of operating 
systems: AIX 5.1, Solaris 8, 
Windows 2000. Languages 
Java (JDK1.2 and above), XML, 
SQL. Database: Oracle Qi 
Modeling tools: Rational Rose 
Enterprise Edition 7S, 
UniysysRoseXML Tools. App- 
servers/Webservers: Weblogic 
6.1sp5 and above, Websphere 
5.0, Tomcat 4.0.6. Version con- 
trois PVCS, CVS. XMLParcser: 
SAX, JDOM, Xerces. Debugging 
tools: EzSQL XMLTools 
XmiSpy 4.0. Master's plus exp 
required. Competitive salary. 
Resumes to Worksuite LLC 
(Emily), 20405 St. Hwy 249, 
#600, Houston, TX 77070. 


Programmer 

Maintenance of databases 
Pervasive Btrieve and 
PervasiveSQL v8!, Oracle 9i 
JDBC, ODBC, Oracle's OCI and 
OCCI, ADO/OLE DB and PDAC, 
SAG CLI Connectivity. B.S. in 
CS, Data Proc. or rel. w/abil. to 
use FreeBSD releases 4.x and 
5.x. Mandrake Linux v7.1, ANSI 
Common LISP, C/C++ using 
Yacc and Lex utilities. Perl, 
ActivePerl, PHP, Rogue Wave 
Tools.h++. Resume A-Soft 
Scientific, P.O. Box 1270 
Roswell, GA 30077 


PROJECT MANAGER sought 
by NJ-based int'l Logistics & 
Freight F/wdg Co. for job loc in 
Hamden, CT. Req'd to dvip & 
refine plans in the dsgn, imple- 
mentation & integration of 
KN/USCO architecture & dvipmt 
of software progs. for bus. trans- 
actions. Must have Bach Deg in 
Comp Sci (or equiv) and 3 yrs 
exp in job off'd. Must be exp’d in 
RUP methodologies, J2EE & 
Rosetta Net Standards. Send 
resumes to: Director, Arch & 
Planning, USCO Logistics, Inc., 
One Hamden Center, 2319 
Whitney Ave., Hamden, CT 
06518 


Software Developer w/ 


Bachelors in Computer 


Science/ Engineering 


aind 2 years exp. want- 


ed in Houston, TX 


Respond to: 


hr@thesystemshop.com 


Software Eng. to develop BPM 
Software on J2EE platform w/ 
JDBC compliant database 
Programming using Microsoft 
SQL Server 2000/7.0, MySQL 
and PostgreSQL on Windows 
NT, UNIX & Linux platforms 
Design & test applications using 
HTML, DHTML, XML, Java 
JSP, Serviets, Java Scripts, 
EJB, RMI, CORBA, ASP, 
JavaScript, Velocity templates & 
Jetspeed Utilize Internet 
Information Servers, Photoshop 
& Illustrator for front-end graph: 
ics. Use UML for application 
model & LDAP for ADS. Comp 
salary. BS in Computer Science 
with + 2 yr. exp. Open Systems. 
4005 Windward Pl., # 550 
Alpharetta, GA 30005 with proof 
of perm. work auth 


Senior Business  Analyst/ 
Programmer Assist health orga- 
nizations develop the steps to 
comply with the HIPAA, assess 
the current environment, provide 
recommendations for achieving 
HIPAA compliance within the 
required time frames, and pro- 
vide remediation assistance and 
training. Provide leadership and 
direction to project teams and 
client staff regarding HIPAA 
Privacy and Security. - 2 yr 
experience in using eXchange. 
eGate, elnsight for implementing 
ED! transaction/Experience in 
using system development life 
cycle methodology approach/ 
Experience with mainframe plat- 
form (COBOL, CICS, ADABAS. 
NATURAL VSAM, DB2 and 
JCL). Base Salary $65000 
Send application and resume 
to: LB Infosys. 1300 Edgewater 
Dr #306.Pierre, SD 57501 


IT Service Coordinator wanted 
to develop, design, analyze, and 
modify web-based and applica- 
tion software. Provide routine 
solutions and analyses. Plan 
web-site development and 
establish and maintain web 
server. Programming internal 
application and related IT strate- 
gy planning. BS in Computer 
Science and related experience 
required. Send resume to HR 
Dept Mississippi Home 
Corporation 735 Riverside 
Drive, Jackson. MS 39202 


Software Engineers: Analyze. 
design, develop & deploy apps. 
in SAP R/3 Modules (MM, SD, 
WM, PP, PM, FICO & HR) and 
related technologies (ABAP/4 
ALE, EDI, IDOCS, ITS), SAP 
BW, Oracle, SQL Server and 
Visual Basic. Send resume to 
HR, InfoWeb Systems, Inc 
3435 Asbury Road, Suite 175, 
Dubuque, IA 52002. EOE 


Falcon Farms, a fresh cut 
flower importer seeks: 
Computer Programmer: 
Develop/implement appli- 
cations for long-term deci- 
sion making, optimum pro- 
ductivity, train users. BS in 
Comp. Sc./Syst. Engr w/rel. 
exp. Resume to: Ref# 202, 
HR., 1401 NW 78 Av, 


Miami, FL 33126 
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Software Developer | 
Presentation Tier: Perform GUI 
design, product development 
and defect resolution in a J2EE 
environment using Java, Struts. 
Taglibs, JOBC, SQL and XML 
Develop web components using 
MVC architecture. Participate as 
a project team member through- 
out the full software develop- 
ment life cycle. B.S. in CS 
Information Science, EE or relat- 
ed. Must have the ability to use 
Java, Struts. Taglibs, JOBC 
SQL and XML and MVC archi- 
tecture. M.S accepted in lieu of 
B.S. 40 hrs/week, 9am-5pm 
Positions available: multiple. 
Resume to: Mr. Vichael Fleming, 
Vice President of Engineering, 
EPL Inc., 22 Inverness Center 
Parkway. Suite 400 
Birmingham, AL 35242 
jobs@epI.net 


Seeking qualified applicants for 
the following positions in 
Collierville, TN: Senior Bus- 
iness Application Analyst. Act 
as liaison between technical 
developers and_ users/cus- 
tomers. Requirements: Bache- 
lor's degree or equivalent* in 
computer science, business. 
math, statistics or related field 
plus 5 years of experience in 
analyzing business systems and 
developing technical automated 
solutions. Experience with Java 
or C++; development of n-tiered 
object-oriented applications; and 
either Cobol, DB2 or CICS also 
required. *Master’s degree in 
appropriate field will offset 2 
years of general experience 
Submit resumes to Sibi George 
FedEx Corporate Services, 
1900 Summit Tower Bivd., Suite 
1400, Orlando, FL 32810. EOE 
M/FIDIV. 


PROGRAMMER ANALYSTS for 
Hickory Hills, IL office. Design & 
Develop software applications 
using Oracle, XML, UML, C++, 
Sybase, Interwoven, Coolgen, 
ClearCase, ClearQuest, PVCS, 
UNIX. Bachelors req'd in 
Computers, Engineering, Math 
or related field of study +1 yr of 
related exp. 40 hrs/wk. Must 
have legal authority to work per- 
manently in the U.S. Send 
resume to HR Manager, Compro 
Consulting Group, Inc., 8619 W 
95th St., Hickory Hills, IL 60457 


Paradigm Infotech is looking for 
programmer/system analysts, 
s/w engineers. Candidate must 
have BS with at least one-year 
IT experience. Good skills in 
C/C++, Java, Oracle, WebLogic, 
VB, HTML, ERP are plus 
Traveling is required. Apply 
jobs@paradigminfotech.com 
EOE 


Logic Solutions looks for IT pro- 
fessionals. Applicants must have 
MS/BS with minimum 1-yr exp. 
Duties include administer & set 
up WebSphere, IBM HTTP serv- 
er, Apache, iPlanet and Tomcat 
web servers for commercial web 
sites on Windows, Solaris. 
Contact hr@logiclink.com 


Management Analyst with expe- 
rience to research and develop 
short as well as long term plans 
and business strategies for soft- 
ware development to include 
outsourcing of software develop- 
ment services and business 
processes. Research market 
conditions and forecast trends 
for SAP and Oracle ERP solu- 
tions and services. Working 
Knowledge of COGNOS and 
Microsoft Project is preferred. 
Position requires Bachelor's 
degree in Management or relat- 
ed field and atleast 3-5 years! 
related work experience. Send 
resume to Rashi Information 
Services Inc, 214 Senate 
Avenue, Camp Hill, PA 17011 
Attn Ravi Jaganmohan 


S/W Engineers to design, 
develop/maintain web and 
CRM appis using Java, VB, 
Oracle, Dev 2000, SQL, JSP, 
Clarify Suite of Products, 
Weblogic on Windows & UNIX 
OS; provide training & user 
support for the systems and 
related appin internally & to 
clients; test, debug and mod- 
ify existing software. Require: 
MS or foreign equiv in 
CS/Engineering(any branch) 
& 1 yr exp. in IT. F/T. High 
Salary. Travel  invoived. 
Resumes to HR, ABZ 
Consulting, Inc., 2600 Century 
Prkwy, Ste 100, Atlanta, GA 
30345 


Sr Systems Analysts to man- 
age projects to design, devel- 
op, test, implement, maintain 
and support business applis 
using Oracle Financial and 
Manuf appis, Oracle, SQL, 
Dev 2000 in Windows/UNIX 
envir; plan, direct, coordinate 
activities of projects on-time 
and on-budget; analyze busi- 
ness reqs of clients and re- 
engineer business appis. 
Require: Master's in CS/ 
Business and 1 yr exp in IT. 
Travel involved. F/T position. 
Competitive salary. Resume 
to: HR, Quest America, Inc., 
211 East Ontario Street, Suite 
1800, Chicago, IL 60611 
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BUSINESS ANALYST. Keller. 
Texas. Require Bachelor's 
degree in a technical discipline 
such as engineering, physics or 
math & MBA, data modeling and 
data analysis experience, & 
graduate course work/project or 
previous work experience using 
statistics software applications 
Send resume to Corning Cable 
Systems, LLC, Attn: Human 
Resources Manager, 

Denton Highway, Keller, 
76248. NO PHONE CALLS 
PLEASE 


Systems Analyst 

Analyze, design, and deploy 
customized IT solutions based 
on a client's needs and business 
environment Must have 
Bachelors Degree or foreign 
equiv. in Computer Science or in 
a related field & 1 yr. exp. or 1 yr. 
exp. in a related position w/abili- 
ty to use: OS Windows, C# 
MDX, OLAP, and XML and must 
be willing to travel and relocate. 
40.0 hrs./wk 9:00 AM - 6:00 PM 
Applicants send cover letter and 
resume to: SRA Systems,1945 
Cliff Valley Way, Suite 270, 
Atlanta, GA 30329, Attn: S 
Nagarajan 
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DATABASE ENGINE DESIGN- 
ER/DEVELOPER-Quantit- 
atively-based Financial Manage- 
ment firm seeks Database 
Engine Designer/ Developer 
Duties include development and 
maintenance of proprietary 
database engines, databases 
for Company's computer- driven 
trading systems and supporting 
accounting systems (including 
equities, options and futures 
databases), reporting programs 
and utilities. PH.D. in Computer 
Science required. Will accept 
candidates with Master's degree 
and two years experience in job 
duties. Salary according 
experience. Mail resume 
RTC; 600 Route 25A, East 
Setauket, NY 11733, Attn: RM 


Legal Information Services co 
with head offices in NYC has 
opening for senior software 
engineer with exp in VB, OOAD 
methodology, COM, UML 
DHTML, XML, ASP, C++/Java 
iS, ADO, C#, .NET, Oracle 
Crystal Reports and SQL Server. 
Analyze, design, develop, test & 
support web-based e-commerce 
applications for MS Windows 
Resumes to HR Dept. CT 
Corporation Systems 111 
Eighth Ave, NY, NY 10011 
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Prog/Analysts to analyze, 
design and implement appis 
using OOAD, C, C++, VC++, 
VB, Oracle, HTML, SQL 
Server, GUI tools, ASP, 
VBScript, Crystal Reports 
under Windows, UNIX & Sun 
Solaris; perform testing 
debugging and documenta- 
tion cf software appis; main- 
tain and support existing 
applications. Require: B.S. or 
foreign equiv. in CS/Engg. 
(any branch) & 2 yrs exp. in 
IT. Travel involved. F/T. Comp. 
salary. Responses to: HR, 
Ciphertrust, Inc., 4800 North 
Point Parkway, Ste 400, 
Alpharetta, GA 30022. 


SBI is looking for the following 
positions for its offices in 
Houston, TX, San Francisco 
CA, Warren, NJ, Salt Lake City 
UT and Portland, OR Art 
Director, Web Designer. 
Programmer Analysts, Technical 
Architects, Technical Consul- 
tants, Business Strategists 
Systems Analysts, Software 
Engineers, Software Deve- 
lopers SAP Consultant 
resumes by email or fax only to 
HR, SBI 2825 East Cottonwood 
Parkway, Suite 480, Salt Lake 
City, UT 84121 
careers@sbiandcompany.com 
Fax (801) 733-3201 
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Software Engineer. Sought by 
Englewood Colorado consulting 
company to work in various 
unanticipated locations through- 
out the U.S. Duties: Research 
design and develop computer 
software systems in conjunction 
with hardware product develop- 
ment. Analyze software require- 
ments to determine feasibility of 
design within time and cost 
restraints. Consult with clients 
to define needs or problems 
Use of Oracle 8i, Bounds check- 
er, Visual 0, C, C++, Java 
SQL and Windows NT. Regs 
Bachelor or equivalent in 
Computer Science, Computer 
Engineering or related field 
Pius 6 months in the job offered 
or 6 months in a related occupa- 
tion, including Programmer 
Analyst. $46,634.00/year, 40 
hrsiwk, 8AM-5PM Respond 
by resume to EMPLOYMENT 
PROGRAMS, PO Box 46547 
Denver, CO 02, and refer to 
Job Order No. CO5062096 


Departmental Information 
Systems Specialist 


To provide technical/user sup- 
port for computer sys. within 
assigned dept.; analyzes, writes 
and maintain web-based data- 
base apps. to increase operating 
efficiency with ASP, UML, Stored 
Procedures, Content Mgmt and 
SharePoint server skilis 
Req.M.S. degree in CS, CIS ora 
related field proficiency in 
ASP.net, Oralce PL/SQL & 
WHS. 40hrs/wk. Send resume 
to HR, 6000 N. Terminal PKWY. 
Atrium, 4th Floor, Atlanta, GA 
30320. Fax: (404) 305-7950 


Prog/Analysts to analyze, 
design, test client server/web 
appls with OOAD methodolo- 
gies using Java, VB, EJB, 
Serviets, JScript, XML, HTML, 
Oracle, SQL, JDBC, Access, 
Weblogic, etc in Windows OS; 
analyze business processes, 
determine reqs, generate 
reports; perform onsite/offsite 
maintenance, document, 
debug, test, perform code 
optimization. Require: BS or 
foreign equiv. in CS/Engg 
(any branch) & 2yrs exp. in IT. 
Competitive salary. Travel 
invoived. F/T. Resume to: HR, 
Bahwan Cybertek Tech- 
nologies, iInc., 209 West 
Central Street, Ste 312, Natick, 
MA 01760. 


Seeking qualified applications 
for the following positions in Des 
Moines, lowa and Dallas, TX 
Senior Programmer Analyst 
Analyze, design, test, dataware- 
housing software appins using 
Cognos, Teradata, Informatica 
DB2, JAVA, HTML, on UNIX 
MVS, Windows OS; gather, doc- 
ument reqs from user communi- 
ty: test, trouble shoot project 
appin code according to system 
objectives. Requires: BS or for- 
eign equiv. in CS/Engg.(any 
branch) & 3 years of IT. 
Competitive salary. F/T. Travel 
Involved. Resume to HR, !TCell 
Inc, 14200 Midaway Rd, # 135 
Dallas, TX 75038. EOE M/F/D/V. 


PROGRAMMERS/ENGINEERS 
needed: Several Sr. and Mid 
Levei positions available for 
qualified candidates possessing 
MS/BS & relevant work experi- 
ence. Work with COBOL, JCL 
VSAM, DB2, CICS, ORACLE 
JAVA, SERVLETS, XML, EJB 
C++, VC++, SYSTEM ADMIN 
DBA's, SAP, Seibel, PeopleSoft 
and Technical Recruiters 
Please mail resume to Attn: HR 
Dept. LanceSoft Inc, 1922 
Ingersoll Ave Suite #3011, Des 
Moines, 1A 50309 
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Element Manager Software 
Developers needed to design 
and implement Network 
Management System software 
for Cisco devices using Cisco 
Element Management Frame- 
work for communications cus- 
tomers. Develop system soft- 
ware using C++, Unix and 
Object Oriented design and 
development methodologies. 
Design management system 
software by analyzing Manage- 
ment Information Base(MIB) 
Develop Network Management 
System software using Simple 
Network Management Protocol 
(SNMP) and other protocols 
Provide technical support for 
customers and serve as techni- 
cal resource for junior engi- 
neers. Requires a Bachelor's 
degree in Computer Science 
Engineering or related field and 
three years experience as a 
Software Engineer, Programmer 
or Analyst. Experience must 
include one year of experience 
developing Element Manager 
Software using Cisco Element 
Manager Framework. To apply 
please send resume to Angie 
Lebitz, Cyberwerx, Inc. 13000 
Weston Parkway, Suite 109 
Cary, NC 27513. 


Pooi Cover manufacturing com- 
pany requires Programmer 
Analyst Duties: Design, devel- 
op, test, debug, and implement 
in-house software applications 
in the areas of Production man- 
agement, Accounting and Sales 
Thorough Oracle RDBMS expe- 
rience using FoxPro, Visual 
FoxPro. Windows Script 
Hosting, VBA, and SQL. Exp- 
erience creating COM objects 
and connections to AutoCad. 
Create Web based applications 
using Visual FoxPro. Req- 
uirements: A Bachelors Degree 
in Math, or Sci, or Comp. Sci 
or, Engg., (or equivalent), and 
two years experience in the job 
offered or related occupation 
40hrs/wk, M-F, 8:00AM to 
5:00PM. Job to be performed in 
Trenton, NJ. Send resumes to 
Operations Manager, Merlin 
Industries, Inc., 70 Culbertson 
Avenue, P.O. Box 570, Trenton 
NJ 08604 


Software Engineer: Provide 
business intelligence reporting 
database ETL (Extract 
Transformation & Loading), data 
warehouse & Java expertise to 
develop cutting-edge, J2EE 
enterprise software; perform 
complex data warehouse design 
& programming tasks; create 
technical specification; perform 
design process & code review 
perform maintenance & 
enhancement of software com- 
ponents & unit testing. Reqs: 
B.S. in Comp Sci, Info Sys or a 
related field. 2 yrs exp in job 
offered. Prof in UNIX, Windows 
NT/2K, Informatica, Reporting 
tools, Oracle, SQL, HTML 
DHTML, Java, J2EE, Java- 
Script, JSP, Serviets, JDBC 
Source Management, Star 
Schema design & 00 method- 
ologies. 40hrs/wk. Send res. to 
box V-1, P.O. Box 17182, Phila 
PA 19105. 


Database Admr. (4 openings) 
Analyze, design software & 
hardware requirements. Install 
adm. Oracle databases in HA 
cluster. Support OPS. Adm 
OAS Database recovery 
RMAN _ backup. Datastage 
ERWIN, Reportwriter, Forms 
Replication Mgr., Pro*C, Shell 
Scripting. Use Solaris, HP-UX 
AIX, DEC-Alpha, NT. Req 
Bachelor's or its foreign degree 
equiv. in CS, Mathematics or 
other Engg or science field + 1 
yr exp. in job offered. 40 hriwk 
Resume to: HR Mgr, Omnisoft 
Inc., 1265 Compass Pointe 
Crossing, Alpharetta, GA 30005 


FT Project Manager. Multiple 
positions. Responsibilities _inci- 
ude: Manage the design. devel- 
opment and implementation of 
multi-tier client/server, Internet 
Intranet based systems, multi- 
user, re-engineering applica- 
tions for insurance companies 
utilizing Legacy Mainframe 
Insurance Applications including 
Vantage-One, ACES, DSS, RPS 
and PREMIER systems; man- 
age systems analysts designing 
systems with tools including 
DADS, SAVRS, SAR, APC 
PanApt ompareX Spufi 
Deigen, QMF, Dispatch and 
RDS, and Internet-based appii- 

with HTML, JAVA 

JavaScript, JSP, and 
XSLT: manage user acceptance 
tests and user training. Must be 
willing to travel to client sites 
Monday-Friday. Must have a 
Master's Degree or foreign or 
educational equivalent n 
Computer Science, Engineering 
or a related field and three years 
of experience as a systems ana 
lyst or in a related occupation, or 
a Bachelor's Degree or foreign 
or educational eq ent 
Computer Science, Engineering 
or a related field and five years 
of progressive experience as a 
systems analyst or in a related 
occupation. If interested, submit 
resume in cate to 


Ms. Sandy Pruitt 
NIIT (USA), Inc. 
1050 Crown Pointe Parkway, 
Suite 500 
Atlanta, GA 30338 


Computer. Moneyline Telerate a 
leading financial inform 

vices firm 

Trading Systems fc 

to direct /deve' 

strategies for management 
data distribution systems 
directly to CTO. Req'd 
CSc/EE/ related area, 3 yrs exp 
in building global scalable real 
time equity and/o 

systems, w/full e 

from inception to delivery, initiat- 
ing devising, monitoring, review- 
ing strategic plans, & performing 
gap analysis to ensure that 
dvipmnt projects meet long- 
range financial goals. 7 years 
exp req'd w/iBM MQ Series. 
Tibco TIB & Rendezvous, Hawk 
System, Triarch, SmartSocket 
iP multicast, STAMP/FIX/JIMS & 
mathematical optimization aigo- 
rithms, data compression algo- 
rithms, data encryption & securi- 
ty on distributed systems; in 
overseeing through intermediate 
management the design & cre- 
ation of detailed software sys 
tem specifications & in 
researching/implementing best 
practices in dvipmnt strategies. 
No search firms. Send e-mail 
wiresume & comp rqmts 
recruiting@moneyline.com 


Riversand Technologies, Inc 
specializes in providing solu- 
tions in the areas of Product 
Data Management and services. 
custom product development 
and B2B integrations. We are 
currently looking for the foliow- 
ing 


Systems Analysts: Analyze 
design, develop, test, and imple- 
ment B2B/Enterprise Application 
Integration packages and 
Distributed Applications. Used 
UML, C#, VB.NET, ASP.NET, 
SQL Server, XML WebServices. 
SAP Modules and Data 
Warehousing tools. Involved in 
Database Development by 
Writing and Implementing 
Packages, Stored Procedures 
Triggers and Functions using 
PL/SQL Need Bachelor's 
degree in Computers or 
Engineering or a related field 
Need 2 years of experience 


Send Resume to: HR Manager, 
Riversand Technologies, inc 
13405, NW Freeway, Suite 228 
Houston, TX 77070 or via e-mail 
at HR@Riversand.com 


Computerworld + InfoWorld + Network World - December 15, 2003 


Client-Server Developer. Req 
uirements: Experience with 
Federal Vehicle Identification 
Software and Requirements. 
Microsoft MTS, Visual Interdev. 
US, Great Plains eEnterprise 
5.0+ andCitrix W ame. 
Metaframe; Ability to prioritize 
and schedule deliverables, and 
to communicat early in 
English, orally and in writing 
with co-workers and outside 
resources; 3 years of Client- 


n Development 


Client-Server application devel- 
opment, testing, implementation 
ntenance of custom 

ation 


environment 
management t 

ment strategy and p 
with users to identify 
tize bug fixes and 
enhancements ar 
Database Ad 


years experi- 
ftware Application 
40 hours per 

9.222 per year. 
copies of resume 
3118, Labor 

19 Staniford 

r, Boston, MA 02114 


NYFIX nc. seeks 
Engineers w/MS in Comp Sci or 
v & 3yrs exp 
Dsgn, dvip & test real-time 
financial trading systems in C++ 
cross-platform 
Relatio' eory 
tems, db schemas, storec 
queries & triggers 
ybase. Exp 
mM systems. 
ris, Boost 
msg & storage systems. 
code optmise 
dsgn patterns 
Worksite NYC 


applic 
lows NT/CE & Sun Solaris. 
mpimt & integrate GUI 
Visual C++, MFC 
TCP/IP, Socket & 
programming 
Perl, UML 
Rational Rose, Oracle, Sybase. 
Windows & Pocket PC envrmt 
MS Comp Sci or equiv. Worksite 
Stamford, CT. (Job# 3018) 
Mail R & CL referencing Job # to 
NYFIX, Inc 8 Dept, 333 
udiow Street, Stamford, CT 
902 


for Analysis. 
Development and 
2mentation of various sys- 
ing CRM Configuration 
Siebel VB, Siebel 
learbasic, and U!Editor. 
Develop business processes in 
Siebel 2000 eBusiness applica- 
tions and rify eBusiness 
applications. Very good function- 
ai knowledge of Cal! Center and 
Billing Solutions process need- 
ed Bachelors Degree in 
Computer Science or relevant 
field with 4 Years of work experi- 
ence in related occupation. 49 
Hrs./Week $70,000/annum 
Must be willing to reiocate to 
various unanticipated work loca- 
tions throughout the USA every 
4 to 10 months, employer paid 
Must have proof of legal author- 
ity to work in the United States 
Send your resumes to the lowa 
Workforce Center, 215 Watson 
Powell Jr. Way, #100, Des 
Moines, lowa 50309-1727 
Please refer to Job Order 
1A1101810 Employer paid 
advertisement. 
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SOFTWARE ENGINEER 
Software Engineer needed to 
serve as Project Manager in the 
development and maintenance 
of telecommunications billing 
applications involving storage 
retrieval and display of billing 
data, and the management and 
storage of claims, adjustments 
and credits; perform analysis. 
coding, design and testing of 
applications using PL/1, OAM 
COBOL, DB2, CICS and IMS 
Requires Bachelors degree in 
Management Information 
Systems or Computer Science 
or will accept Bachelors equiva- 
lent based on a combination of 
education and/or experience as 
determined by a professional 
education or experience evalua- 
tion service. Also requires one 
year experience in the job 
offered or one year experience 
in software engineering using 
PL/1, OAM, COBOL and DB2 
experience must include project 
management relating to the 
development of telecommunica- 
tions billing applications. Salary 
$90,500/yr, 40 hrs/wk, 8AM to 
5PM, Monday to Friday. To 
apply, submit two (2) copies of 
resume to: Case #200203283 
Labor Exchange Office, 19 
Staniford St, 1st fl, Boston, MA 
02114 


Database Administrator: OH Ct 
System seeks Database Adm- 
nistrator to design/setup/sup 
port/backup/recovery UNIX sys 
t and Oracle databases; ana 
lyze/evaluate/supervise software 
development, design/ maintain 
security provisions for apps/DB 
analyze/maintain/ install apps/DB 
software to ensure smooth oper 
ation. Master's in Comp. Info Sci 
and min 6 mos in-job/job related 
exp is req, including min 3 mos 
exp w/RDBMS/SQL and UNIX 
Linux CGI programming; Apache 
admin. Exp may be gained 
before, during or after degree 
Resumes to M. Flanagan 
Cleveland Municipal Court, 1200 
Ontario St. Cleveland, OH 
44113. No calls. EOE 


Project Engineer 


Pitney Bowes Inc. has an opening 
in its Shelton, Connecticut office for 
a Project Engineer 


Design test strategy documents 
write test cases, hold test case 
reviews, execute test cases, log 
defects into the Clear Quest defect 
tracking tool, follow-up on the 
defects until resolution, hold defect 
review meetings, enter test results 

the TRA tool and hold test 
results meetings 


Must possess at least a bachelor's 
valent in Engin- 
Science or a 
related field and relevant work 
experience as a Test Engineer 

Product Development, including 
experience with unit, component 
integration, functional, reliability 
ecurity, performance, stress and 
load testing, testing of Internet and 
intranet applications, testing in a 


Windows environment using MTS 


degree or 


eering, Cor 


C++ and Visual Basic, test automa 
ion, and System Test organizatior 


Resume and/or cover letter must 
eflect each requirement above and 
specify reference code PE/VP or it 
will be rejected 


Forward resume to Robbin Drew 

tt, Pitney Bowes Inc., One 
E oft Road Stamford CT 
06926-0700 


Vega, a NJ based computer 
consulting company, is current- 
ly staffing for long term stimulat- 
ing projects throughout the US. 
We are hiring professionals with 
any of the following skills: 

Unix System Engineer, Biztalk 
Net Developer. SeeBeyond 
Developer, VB, Cobol/ DB2 
Java/EJB, PowerBuilder, Siebel 
AS/400, C++, Oracle. Submit 
resumes to 


pperanio@vegaconsulting.com 


Web Infrastructure 
PU ibaia 


CSC, Fortune 500 leader ir 
Newark is currently seeking ar 
experienced professional t 
administer Web sites/server 

Web application servers, and 
related utilities in the Extranet and 
Intranet Web Hosting 
Environment including: iPlanet 
Apache, Bowstreet, JRUN & 
Tomeat technologies and UNIX 
Solaris O/S. Requires a BS or 
equivalent and relevant 


experience 


fers competitive salarie 

and excelle benefits. Please 
forward rest t csc 
Attn: Human Resources, 400 
Commerce Drive M/S 1SB6, 
Newark, DE 19713. Reference 
job code $S031405 in cover let 
ter. EOE M/F/D/V. 


coe 
Te 


SENIOR PROGRAMMER/ANA 
LYST to analyze, design, devel- 
op, test, maintain, implement 
and support web-based applica 
tion software using Java, EJB 
AWT, JSP, Serviets, JDBC 
RMI, XML, XSL, JavaScript 
WebLogic, Oracle and SQL 
Server on Windows platform. 
Require: Bachelor's degree in 
Computer Science an 
Engineering discipline, or a 
closely related field with 2 yrs of 
exp in the job offered or as a 
Software Engineer or 
Programmer. Extensive travel 
on assignment to various client 
sites within the U.S. is required 
Competitive salary offered 
Apply by resume to: Ravi 
Kandimalla, President, Everest 
Computers Inc 900 Old 
Roswell Lakes Parkway, Suite 
300, Roswell, GA 30076; Attn 
Job SH 


i Otis 


AL wed Ten tne ag 2s Sompar 


HRIS Analyst 


Otis Elevator Company has 
an immediate opening in its 
Farmington Connecticut 
Office for a HRIS Analyst 


Assists in the global imple- 
mentation and training on new 
HRIS systems and upgraded 
systems, in identifying on- 
going prograrn enhancements 
and/or additional system func- 
tionality, and with the precise 
and effective communication 
of system requirements to 
local and international system 
developers 


Qualified applicants must pos- 
sess a bachelor's degree or its 
equivalent in MIS, Engin- 
eering Business Admin- 
istration, Human Resources 
or related field and relevant 
work experience. Experience 
to include: Web Applications 
(ASP, HTML XML and 
JavaScript); SQL, Oracle and 
MS Access; system analysis 
design, development and 
implementation and project 
management 


Resume and/or cover letter 
must reflect each requirement 
above and specify reference 
code AJHA or it will be reject- 
ed 


Forward resume to Caraline 
Moses, Manager, Human 
Resources, Otis Elevator 
Company, 10 Farm Springs 
Road, Farmington, CT 06032 


We are an Equal Opp- 
ortunity Empioyer. Visit our 
Web site at www.otis.com 


Nastel, Inc. is looking for 
Database Design Analysts for 
West Columbia, SC office loca- 
tion. Some duties for the posi- 
tion include designing logical 
and physical databases for com- 
mercial and federal financial 
mftg. and human resource appli- 
cation modules; implementing 
large global database applica 
tions with multiple-languages 
multi-currency and Oracle ver- 
sions. Qualified applicants must 
possess the following: Master's 
Degree in Computer Information 
Systems or Manufacturing Mgt 
and 3 yrs of exp. as a Database 
Design Analyst Systems 
Analyst or Oracle Database 
Administrator. Applicants must 
possess 1 yr of exp. in: 1) Oracle 
Applications InterConnect (OAI) 
Oracle Financial Analyzer 
(OFA), Oracle Portal and Single- 
Sign-On (SSO) configuration; 2) 
Designer2000, Discoverer2000 
and Developer2000; 3) Citrix 
MetaFrame deployment 4) 
Performance Tuning and 
Backup/Recovery; and 5) Data 
modeling using Oracle CASE 
Methodology Please send 
resumes to Computerworld 
REF 7668.002.500, Olid Conn 
Path, Framingham, MA 01701 
REF 7668.002 


Immediate opportunities for both 
entry-level and experienced 
Programmers Programmer 
Analysts, Systems Analysts 
Software Engineers, DBA's and 
Software Consultants with three 
or more of the following skills 
Java, Shell Scripts, SAS, PLC 
Textra, XML SQL DB2 
mqPCX, Oracle, PowerBuilder. 
Rational Rose, Sybase, Perl 
PeopleSoft, Crystal Enterprise 
Crystal Reports, Teradata & MS 
Visual Studio. Bachelor's or 
Master's degree reqd., depend- 
ing on position. tyr exp reqd 
depending on position We also 
accept the foreign edu. equiv. of 
the degree, or the degree equiv. 
in edu. and exp. Frequent travel 
and relocation. Send confiden- 
tial résumé and salary require- 
ments to: HR, Transworld, Inc 
1515, Woodfield Road, Ste. 625, 
Schaumburg, !L, 60173 Visit our 
website at www.transwid.com 
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SENIOR PROGRAMMER/ANA- 
LYST to analyze, design, devel- 
op, test, implement and main- 
tain application software using 
C, C++, Java, JDBC, ODBC 
Tibco, MQ Series Oracle 
Sybase, Apache XML Parser 
and Tomcat under UNIX, Linux 
SUN Solaris and Windows 
operating systems. Require 
B.S. degree in Computer 
Science, an Engineering disci- 
pline, or a closely related field 
with 2 yrs of exp in the job 
offered. Extensive travel on 
assignments to various client 
sites within the U.S. is required 
Competitive salary offered 
Send resume to: Sundeep 
Chaudhry, Elite Solutions, Inc 
1670 Reserve Way, Ste 203. 
Decatur, GA 30033; Attn: Job 
MA 


American Cybersystems, Inc 
seeks exp'd IT professionals & 
Network Engineers / Adm- 
inistrators & Public Health Data 
Analyst / Consultant) SAS pro- 
grammers. IT professionals 
must have B.S C/S or Eng’g 
(any branch) & exp. using fol- 
lowing skill ssets: (a) Informatics 
PowerMart, ETL Tools, DB2 
Teradata, C++, Unix; (b) ETL 
Sieoel, EIM, Business Objects. 
SQL Anywhere, Data Junction 
Rational ClearQuest, HP- Unix 
etc. (c) Public Health Data 
Analyst / Consultant / SAAS pro- 
grammer must have B.S./MS 
Public Health & min. 1 yr. exp. in 
statistical analysis of health care 
data / healthcare industry using 
SAS 8.2, SUDAAN, SPSS, EPI- 
Info 2000. Please send resumes 
only to 100 Crescent Center 
Pkwy, Ste 200, Tucker, GA 
30084 





IT Careers 
Wants You! 


Take the hassle out of 


job searching and 


check us out at 


www.itcareers.com. 


Today, more than ever, 


| the right skills fuel the 


new economy and IT 


Careers wants you to be 


there. Check us out at: 


www. itcareers.com 








CW031215\N3 





Computer Systems Modeling & 
Simulation Engineer. Req. Bach 
deg. or higher in Comp. Sci 
Eng., or related field & 2 yrs exp 
in job offered or 2 yrs exp. in 
routing & application layer proto- 
cols. All of exp. must incl. con- 
figuring & troubleshooting WAN/ 
LAN technologies, VLANS 
Advanced Spanning Tree & 
Multi-layer switching. Must also 
have exp. analyzing application 
behavior on networks using QoS 
& exp. w/software design & 
management, scalability, & per- 
formance testing of Enterprise 
Applications. Resp. for planning 
designing, optimizing, & imple- 
menting comp. systems & 
applic. performance using rout- 
ing & applic. layer protocols 
Perform modeling & analysis at 
physical, data, control, & higher 
order protocol layers to develop 
high-perf. scalable comp. sys- 
tems. 40 hrs/wk. Job located in 
Wash. D.C. Send resume to K 
Russ, Resource Consultants 
Inc., 2650 Park Tower Dr. 
Vienna, VA 22180. 
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Sr. Programmer 
Analyst 


CSC has a Sr. Programmer 
Analyst position available 
in Pass Christian, MS 
Develop, maintain & debug 
new applications & 
interfaces to existing site 
manufacturing applications 
utilizing ORACLE DATA- 
BASE & MS SQL Server 
database products. Work 
on software solutions running 
on WIN95/NT operating 
system platforms. Develop 
& maintain software appli- 
cations using MS Visual 
Basic & Developer 2000 
programming tools. Use 
Seagate Crystal Reports 
software to provide report- 
ing of manufacturing data 
Provide manufacturing criti- 
cal support services during 
all hours (including off- 
hours). Requires BS or 
equivalent & relevant 
experience. Submit cover 
letter & resume to CSC, 
HR, 400 Commerce Drive 
M/S 1SB6, Newark, DE 
19713. Reference job code 
PBO70105 in cover letter. 


rer 


American Information Tech 
nology Corp has several open- 
ings for Programmer Analyst 
Systems Analyst/Software 
Engineer, System Admn 
Database Administrator with at 
least two years of experience in 
any of the following skills. 


Database Admn: ingress 
Informix, Oracle, Sybase, MS 
SQL Server, DB2, ADABAS 
Essbase, IDMS, IMS/DB 
Systems Admn: UNIX (SUN 
HP-UX, AIX, LINUX), Windows 
NT, MVS 

Programmer Analysts/ Syst- 
ems Analysts/Software Engin- 
eers VB PB AS/400 
RPG/400, Synon, JDEdwards. 
Progress, Java, J2EE, HTML 
C++ VC++ Lotusnotes 
CORBA, EDI/Mercator, Gentran 
CGI, Perl, PL/SQL, Oracle 
Cobol, SAS, JCL, NATURAL 
Cognos, Erwin, ETL, ACTA 
Sagent, Informatica, Peopleoft 
SAP, DW, BO, Coldfusion 
TIBCO Net, C#, Oracle 
Financials, Datastage, Abinitio 
CRM, Siebel, Actuate, Win 
Runner, Load Runner, Silk 


Some positions require a 
Bachelors Degree others 
Masters Degree Equivalent 
degree and experience is also 
accepted. Exc. Pay & Benefits 
Please indicate the position you 
are applying. Mail resume to: 
HR Dept., 3204, Long Prairie 
Road, Suite E, Flower Mound 
Texas - 75022 


Project Development Coor 
dinator/Support Specialist - vari- 
ous locations throughout the 
U.S. - Provide technical assis- 
tance to comp system users 
Answer questions or resolve 
comp problems for clients 
Provide assistance concerning 
use of comp hardware & soft- 
ware. Must have B.S. or equiv 
in comp science or engineering 
Must have 2 yrs exp in job 
described or 2 yr exp as a comp 
professional. 2 yrs exp to 
include 1 yr exp w/performing 
systems analysis, design and 
implementation, customizing 
quality assurance, and produc- 
tion support. Position is 40 
hrs/wk from 8 to 5 w/yrly salary 
of $64,240. Send resume w/ref- 
erence to Job Order #WEB 
377687 to Manager, Butler 
County CareerLink, Pullman 
Commerce Center, 112 
Hollywood Drive, Suite 101 
Butler, PA 16001-5699 


SOFTWARE SYSTEMS 
ENGINEER - ADVANCED 


Under minimal direction, provide 
specialized expe! 2 within mul- 
tiple systems and software disci- 
plines, and provide 
knowledge of related dis 
applications implications 
customer areas. Perform 
depth analysis of systems soft 
ware products includin 
plex problem resoluti 
development and testing. Assist 
Software Systems Engineers 
with customization, installation 
maintenance ng of stan 
dards and o zing product 
performance 
developmer ycle including 
feature nition, high and low 


level designs, im 


design 


ead the software 


mentation 
unit and system testing for com- 
mercial product delivery via 
coordination and mentoring of 
specific team resources. Assist 
in technical development of 
Software Systems Engineers 
Participate in the planning and 
conversion of new hardware 
software products. Take owner 
ship of key customer escailations 
related to core product defects 
and work resolution by facilitat 
ing team resources and man- 
agement team re as 
Team/Feature Lead and coordi- 
nate team member(s) on a sin 
gle core feature area. Position 
utilizes knowledge and experi 
ence in object-oriented design 
web technologies, sec 

working collaborative applica- 
tions, Java, C#, ASP.Net, Java 
Microsoft Visual Studio, SQL 
Server hnology XML 
Microsoft .NET platform and 
web services programming 
Requires a Master's degree in 
Computer Science or 
Mechanical Engineering and 2 
years experience in the job 
offered or 2 years experience in 
web-based application deveiop- 
ment using C#, Java, ASP.Net 
Visual Studio, XML, SQL Server 
technology and services 
programming 40 hours per 
week: 8AM to 5PM, Monday 
through Friday. Salary $55,000 
per year. Must have proof of 
legal authority to work the 
United States. Send your 
resume to the lowa Workforce 
Center, 122 Kellogg Avenue 
Ames iowa 50010-0410 
Please refer to Job Order 
1A1101821 Employer paid 


advertisement 


Software Test Engineer (Fort 
Worth, TX Bachelor's degree 
(or equiv. for educ.) in com 
puter science, info. tech. or 
mathematics & 6 yrs." exp. in the 
job offered or 6 yrs." exp. con- 
ceptualizing, writing, & imple- 
menting software test methodol- 
ogy & the direct use of software 
test tools, both of which comply 
with regulated industry stan- 
dards [In lieu of Bachelor's 
degree, will accept 2 yrs. of uni- 
versity study in comp. sci., info 
tech. or mathematics & 2 add’ 
yrs. of exp. as stated] Stated 
exp. must include working with 
the entire information systems 
test life cycle" and hand n 
testing of multi-tier informatio 
systems. Must also have 1 yr.'s 
exp. managing multi-tier infor 
mation projects 
Conceptualize, write and imple- 
ment software test methodology 
& use software test tools to 
ensure reduction of business & 
technical costs, & correlation 
with corporate standards for 
risk-based compliance. Work on 
entire information systems test 
life cycle* (test planning, con- 
duct, analysis, documentation, & 
reporting, & corrective action 
tracking and re-testing) 
40hrs./wk. 8:00 a.m.-5:00 p.m 
Apply with resume to: Sylvia 
Cruz, Alcon Laboratories, Inc 
6201 S. Freeway, Mailstop IL- 
20, Fort Worth, TX 76134. EOE 


systems 
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SR. SYSTEMS ARCHITECT 


Devon & Philadelphia, PA 


Strong GE 
Organization 


Transport International Pool (TIP) is the national leader in 
trailer rental and leasing. GE Modular Space is the national leader 


in the leasing and selling of mobile office trailers and modular 


building solutions for commercial applications. Togethe ere GI 


TP / Modular Space. Join us and you'll be part of one of the world’s 


largest and most diversified companies 


Outstanding The selected 


design, application development, problem anticipation, and problem 


Opportunities 


solving at systems level. Will anticipate [T industry 


indidate will be responsible for providing architecture 


directions 


and apply them to future architecture needs and projects; interface 


across several channels, acting as a visionary to proactively assist in 


defining direction for future projects; and provide technical 


management for single or multiple projects. 


To qualify, you must possess a BS in Computer Science or equivalent 


along with 5 yrs exp. in the job offered OR 5 vrs progressive exp. as a 


Sr. DBA in complex IT environment building and supporting w 


and/or database technologies, infrastructure, and applications 


support and integration exp. with Infolease 


APPWORX, and 


Informatica required 


We offer competitive salaries and an excellent benefits package 


Please submit resume and salary requirements to: Human Resources 


Staffi 


g, GE Equipment Management, 426 W. Lancaster Ave 


Devon 


PA 19333 or E-mail to: Resume@ge.com Reference job #ITSSA 


Equal Opportunity Emplover 


Software Engineer. Design 
development & implementation 
of software applications for busi 
ness processes using object-ori- 
ented methodologies. Client 
consultation, analysis of project 
requests, requirements & feasi- 
bility, & recommendation for pro- 
gram/project =nhancements 
using the Rational Unified 
Process. Workflow documenta- 
tion Technical Environment 
J2EE; IBM Websphere; UML 
WASD; XML; JSP; JDBC; EJB 
Serviets; Beans; Swing; Visual 
Age for Java; Rational Rose. 
Bachelor's” degree in Comp. 
Sci. or Eng. + 2 yrs exp in job 
offered or as Software 
Consultant or Programmer 
Analyst req'd ("Associates 
degree in comp. eng. tech. + 2 
yrs exp in software deveiopment 
also acceptable 
experience must include: J2EE 
Websphere; UML. 40 hrs/wk 
$72,000/yr. Must have proof of 
legal authority to work in the US 
Send resume to lowa Workforce 
Center, 215 Watson Powell Jr 
Way, #100, Des Moines, !A 
50309-1727. Refer to JO# 
1A1101819. Employer pd ad 


Previous 


Lead Engineer. Req. Bach deg 
in Computer Eng., Computer Sc: 
or related field & 5 yrs exp. in job 
offered or 5 yrs exp. in database 
& web administration. Exp. must 
inci. use of Microsoft SQL 2000 
Windows 2000, OLAP Service. 
data warehouse, & lIS. Must also 
have exp. working on large-scale 
projects in database design & 
admin.; web server farm load bal. 
ancing: & using Web Trends 
report, MS FrontPage, ASP pro- 
gramming, & Cold Fusion. Must 
have MCSE Windows 2000 track 
(Microsoft Cert. Eng.) & MCDBA 
Database 
in.) certifications. Util. knowl 
emerging technologies, incl 
NET, web services, SOAP & 
XML to work on large-scale pro- 
jects involving database design & 
admin., & web admin. Design & 
architect comprehensive data- 
base mgmt. solutions for client 
environments. Use adv. technolo- 
gies, incl. .NET, Microsoft SQL 
2000, OLAP Service, & IIS to 
implement busin. solutions. Job 
located in Wash. D.C. Send 
resume to K. Russ at Resource 
Consultants, Inc., 2650 Park 
Tower Dr., Vienna, VA 22180 
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Software Engineer 
(Siebel Implementation) 


ROLES & RESPONSIBILITIES: 


Lead full life cycle development, implementation and 
customization of applications using Siebel eConsumer 
Goods including performing all Siebel Administrator and 
assignment manager duties. Setup and configure Siebel 
for development, test and production environments. Direct 
repository and physical schema upgrades, repository 
management, remote administration, deploymen ng 
Packager as well as Siebel Anywhe 
Enterprise Integration Manager job for data mapping as well 
as data integration. Use Oracle and Visual Basic to maintain 
and develop sales and support related software. Respond 
to support calls from users. Support business specific 
process for Trade Program management. Configure Siebel 
application using Siebel tools. Provide expertise in designing 
and developing workflow based on business rules. Troubleshoot 
and support Siebel server and client 


REQUIRED SKILLS/EXPERIENCE: 1 year in the job offered 
REQUIRED EDUCATION: BS in Electrical or Elect 


Engineering, Computer Science or related field 


Manage and evolve 


To apply, send resume and 
salary history to the following 
address: 1500 Valley Road, 
Wayne, NJ 07470. C/O Tim 
McConville 


Technical Architect. Reston, VA 
Resp. for full proyect life cycle & 
business dvipmt. Assist w/defn 
& scope of work & design sys 
tem/large modules. Daily cod- 
ng. Ensure timeliness & qity of 
deliverables. Provide sol'n t 


software applic 
defining and 
g new 
tectures and 
MFC/Win32 
Visual Basi 
&L 
analysis of complex softw 
activ. in area of focus. Utilize M. 
a “ae Requires Masters 
J2EE, NET; Win N IXP, Solaris CE, or other technicail/scientific 
AIX, Linux; Apache Struts, Tiles field. Will also accept a BS in 


tech. probi. assoc. w/spec. pro- 
ects. Attend all practice dvipmt 
mtgs. Define & lead interna 


nternationalizz 
Debugg 


alizatior 
gree in C 
DB2 Dracle Weblogic CS, CE or other technical/scien- 


Websphere, JBoss 
Java, PL/SQL, C++, Peri, She! 


Planet tific field and 5 years of progres- 
sive experience in job offered 
as a software engineer, systems 
omputer programmer. 
Three (3) years 
experience in the joo offered or 
three (3) years experience in the 
related occup: of systems 
analyst, computer programmer 
or related. $90,460.90 per year. 
40 hours per week 8:00am 
5:00pm. Send cover letter and 
resume in duplicate to Case 
#200202197, Labor Exchange 
Office 19 Staniford St., 1st Fioor, 
Boston, MA 02114 


scripting; clustered n-tier archit 
& wireless ntwrk (802.11B 
HTTP & WAP). REQ'S: Bach's 
(or for. equiv) in CS, Engr, or rel 
fid plus 2 yrs exp in job offd or 
as Sr. Systems Analyst or 
Systems Analyst; & 2 yrs. con 
current exp each utilizing Java & 
designing e-business web sites. 
Mail resume D.Schofield 
DiData, Inc, 135 Newbury St 
Framingham, MA 01701 


analyst 


or related 
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Continued from page 1 


E-voting 


state of Ohio [QuickLink 
a3860] as a “very positive re- 
port,” according to company 
Chairman David Hart. He said 
it will be easy to implement 
the changes called for. 
Similarly, Sequoia spokes- 
man Alfie Charles said that his 
company’s system scored well 
in the same Ohio review and 
that Sequoia has made many 
of the recommended changes. 
“We'll do whatever officials 
require us to do,” Charles said. 
Neither Diebold nor Elec- 
tion Systems made representa- 
tives available for comment. 


Industry Members Unite 
Meanwhile, six vendors — 
those four plus Advanced Vot- 
ing Solutions Inc. and Unilect 
Corp. — last week responded 
to the controversy by banding 
together to form an organiza- 
tion called the Election Tech- 
nology Council, which will ad- 
dress ethics and security prac- 
tices, among other issues 
[QuickLink 43463]. 

“We came together because 
our environment has become 
chaotic,” said Hart. “We need 
to be able to speak as an in- 
dustry in a single voice on the 
areas being regulated. ... We 
want to be part of the debate 
and tell our industry’s side of 
the story. There’s a lot of mis- 
information.” 

Still, many IT professionals 
engaged in the e-voting issue 
are troubled by the limits of 
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Corrections 


A story in last week's News section (“Las Vegas Schools Mix IP, Digital 
Communications”) incorrectly identified the vendor that supplied switching 
technology to the Clark County School District in Nevada. The school sys- 
tem’s new metropoiitan-area network is based on switches made by 


Foundry Networks Inc. in San Jose. 


Bocawe olin apices proveap The Geesdpen Tae ber 
Co., a story in the Nov. 3 issue’s News section 


| Computer Professionals for 





computer systems’ 
reliability. 

Seattle software 
developer Erik Nils- 
son’s experience 
writing database 
code in the historic 
1994 South African 
election made him 
feel “like a small cog 
in an overwhelming 
and complex proc- 
ess,” he said. Tech- 
nologists have to gain an un- 
derstanding of the difficulty of | 
running elections if they are to 
contribute to solving software 
security and quality problems, 
he said, because “there aren't 
very many coders who under- 
stand elections and not very 
many elections people who 
understand code.” 

Nilsson, who chairs the 


Social Responsibility working 
group on voting, is scathing on 
the subject of poor software 
quality in DREs. The lack of 
improvements to computer se- 
curity since he became in- 
volved with it in 1987 has led 


There aren’t 

very many 
coders who under- 
stand elections and 
not very many elec- 
tions people who 
understand code. 


ERIK NILSSON, 
SOFTWARE DEVELOPER 


YAO) Mam) 91-10) 
to win a key vote in 
er Gare 


| University in Palo Alto, 


him to conclude that 
for the time being, 
paper — that is, an 
audit trail outside of 
self-contained DRE 
computers — is still 
needed for safe elec- 
tions. 

Brit Williams begs 
to differ. The com- 
puter science profes- 
sor at Kennesaw 
State University in 
Georgia is often on the oppo- 
site side of the argument from 


| e-voting skeptics, but even his 


opponents credit him with 


| running, for the state of Geor- 
| gia, what may be the most 

| thorough voting machine in- 

| spection regime in the coun- 


try. While Georgia’s rigorous 
tests have discovered unreli- 


able units before they could be | 
| used at the polls, Williams 
| said he trusts the machines as 
| far as is necessary within a to- 


tal security framework. 
“People are looking at the 


| security of electronic voting 


machines from a purely tech- 
nical point of view, but securi- 
ty is a combination of physi- 
cal, legal and procedural mea- 
sures,” said Williams. He said 
a paper audit trail isn’t needed 
and would introduce logistical 


| problems. 


David Dill, a computer sci- 
ence professor at Stanford 
Calif., 
is a recent arrival to the elec- 


| tronic voting discussion: He 


said that prior to January 2003, 
he wasn’t deeply involved in 
any policy debates. But about 
a year ago, “it occurred to me 
that people were buying these 
machines, and nobody was 
minding the store,” Dill said. 
In addition to working to 
rally other technologists to his 
point of view via a Web site 
{QuickLink a3850], Dill got in- 
volved locally, in Santa Clara 


; County, when he heard about 


planned purchases of DREs. 
He credits that controversy 


| sued a mandate calling for 
voter-verifiable paper systems 


to be added to all polling units 
statewide. 
Ted Selker, an associate pro- 


| fessor at MIT’s Media Lab, pro- | 
| fesses to be “ 
| next guy about security.” 


as worried as the 
But 
he maintains that verification 
can be provided without paper, 


| and he has developed what he 


claims is a secure voting archi- 
tecture that uses multiple re- 
dundant software components. 
Selker said IT professionals 


| need to get involved locally, 
| but he wants to broaden the 
conversation to include how 


technology can improve other 


arts of the electoral process, 
P 


| such as voter registration. 


“In 2000, between | and 
3 million votes were lost in 


| registration database prob- 


lems,” he said. “It’s the top 
place votes get lost, and we’re 
not focused on this.” @ 43521 


Heichler ts editor in chief of the 


| IDG News Service. 


| BEHIND THE BALLOTING 


The new National Committee on Voting 

Integrity calls for e-voting paper audit trails: 
QuickLink 43083 
www.computerworld.com 


IT Pros Encouraged to Get Involved 


Regardless of their positions on 
the electronic voting issue, virtu- 
ally all involved in the debate say 
IT professionals can, and should, 
get involved. 

“Most IT people get it right 
away ~ we know how insecure 
machines are,” said Barbara Si- 
mons, a retired IBM researcher 
and past president of the Associ- 
ation for Computing Machinery in 
New York. That's why Simons 
wants IT professionals find out 
what's happening in their locali- 
ties - decisions on voting sys- 
tems are made statewide in some 
areas but occur at the township 
level in others. 

MIT associate professor Ted 
Selker would also like to see 
more technologists get involved 
as concerned citizens in their lo- 
cal jurisdictions. “We need IT pro- 
fessionals to volunteer to learn 
about elections and help local 
election officials,” he said. “IT 
professionals understand the im- 
portance and difficulty of making 
processes that do what you want 
them to do.” 

Getting to know local election 
Officials and gaining an under- 
standing of their problems will 
give IT people credibility in the 
debate, according to Erik Nilsson 


elections, your concerns will be 
better formed and consequently 
better received,” he said. “Com- 
puter people learning something 
about elections, and maybe help- 
ing election people understand 
that they might have some knowl- 
edge gaps about computers, is a 
good thing.” 

Rebecca Mercuri, whose name 
has become associated with vot- 
er-verifiable paper - she’s widely 
known for her Mercuri Method of 
including a paper audit trail within 
a DRE setup - comes by her elec- 
tion credentials honestly. She has 
been grappling with the issue of 
voting since she was a software 
developer-cum-local committee 
member in Bucks Country, Pa., in 
1989. And she still works at the 
polls on election day, she said. 

“This is what people can do: 
Go and be at the places where 
they are rolling out the new ma- 
chines,” Mercuri said. “By having 
the million eyes of IT profession- 
als out there, we can find out 
more about these systems and 
can start to flag stuff.” 

“Look into it, debate it and 
come to your own conclusion,” 
suggests Stanford University's 
David Dill. “Be opinion leaders in 
this question. This is going to 


have to be fought county by 
county and state by state.” 
- Elizabeth Heichler 


of Computer Professionals for 
Social Responsibility. “Once you 
understand something about 


with raising the alert and lead- 
ing to a recent victory for his 
group: Late last month, Cali- 
fornia’s secretary of state is- 


(“Goodyear Hits $100M 
Bump With ERP System”) mistakenly said that J.D. Power and Associates 
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FRANK HAYES #® FRANKLY SPEAKING 


Not So Naughty 


ANTA FROWNED at the computer screen. “Naughty,” he 

said. “Naughty. Naughty. Naughty. Naughty. I thought this 
spam filter was supposed to sort out the naughty e-mails 
from the nice ones. But these all seem to be naughty. And 
why would I want to add three inches? I’ve been trying to 


take inches off for years.” 


“Look, boss,” said the elf standing next to Santa’s desk with a red 


and green eyeshade and a clipboard, “I don’t want to be pushy, but 
you've got every spam cannon on the Internet aimed at you. You 


need to start leaning on the Delete key or you'll 
never be ready by the big night. Heck, a week 
and a half out, you haven’t even decided what 
to give everybody in the IT business.” 

“I suppose you're right,” Santa sighed. “What 
can we give Bill Gates, the man who has every- 
thing? I guess he’s not one for Bratz dolls or Cat 
in the Hat toys.” 

“I heard he put half the audience to sleep at 
Comdex this year,” said the elf. “Maybe some 
java would have helped. No, wait, Microsoft is 
getting rid of that, right?” 

‘Ho-ho,” said Santa. “How about a remote- 
control mini race car? It says here it’s the hot 
gift this year. Though I thought it was the hot 
gift last year....” 

“Focus, boss, focus,” the elf said. “What about 
Sun’s Scott McNealy? He’s taking on Microsoft 
on the desktop.” 

“Yes, he’s trying to get his Java Desktop Sys- 
tem onto PCs at Wal-Mart,” said Santa. “And 
Michael Dell has opened kiosks at big shopping 
malls. Some big Web-shopping boosters they 
are. How about some bricks and mortar for 
each of them?” 

“Or maybe just a brick,” muttered the elf. 
“Larry Ellison is next. He really wanted People- 
Soft this year.” 

“Last year, he wanted the Ameri- 
ca’s Cup,” said Santa. “He never gets 
what he wants. Let’s give him copies 
of Softwar and Everyone Else Must 
Fail and The Difference Between God 
and Larry Ellison. They’re all about 
his favorite subject. Next?” 

“Hasso Plattner,” said the elf. 

“He retired this year as top guy at 
SAP. He used to get up on stage 
with showgirls at SAP conferences, 
didn’t he? Let’s give him some new 
dancing shoes.” 

“Done,” Santa said. “And who are 





FRANK HAYES, Computer- 
world's senior news colum- 
nist, has covered IT for more 
than 20 years. Contact him at 


those guys at Novell who engineered that deal 
to get into the Linux business? If you knew 
SUSE like I know SUSE....” 

“Messman and Stone,” the elf said. “That 
does sound like a vaudeville act, doesn’t it? Bet- 
ter give them reading glasses, so they can catch 
all the fine print in the lawsuit The SCO Group 
will throw at them. And should we give SCO’s 
Darl McBride a lump of coal?” 

“It looks like the lawyers from IBM and Red 
Hat are already heaping the coals on him,” said 
Santa. “But we can give some lumps to Nicholas 
Carr, that self-promoter who wrote ‘IT Doesn’t 
Matter.’ And to the Department of Homeland 
Security, which just got an F on its own security 
report card. And to Diebold, the automated 
teller machine vendor whose ATMs got infect- 
ed by the Nachi worm.” 

“But what about all the good IT people who 
spent the year dealing with new regulations 
and offshoring and endless patches?” asked the 
elf. “Maybe they could use some brand-name 
pharmaceuticals at 70% off.” 

“Now who can’t get his mind off junk e-mail?” 
said Santa. “Besides, the best present I could 
give them would be to do something about all 
the spam they spend so much time fighting and 
maybe give spammers a load of 
their own....” 

“Boss, I don’t like that look 
you've got,” the elf said nervously. 
“T’ve got it!” said Santa with a 

none-too-jolly twinkle in his eye. 
“Load that old circus cannon on 
my sleigh, and call Hormel for 
some ammunition. I’m the one per- 
son who knows for sure who’s 
naughty and nice. And if spammers 
want to aim spam cannons at us, I 
know just the spiced-meat product 
to fire down their chimneys. Ho- 
ho-ho!” @ 43486 
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Do-It-Yourself Spam 

Infuriated executive tells pilot fish this well-known on- 
line retailer just won't stop sending her spam. “She 
claimed she had written to the company asking them 
to stop, but every day, she received yet another 
e-mail,” says fish. So fish sends an e-mail to the retail- 
er's customer service group explaining the situation 
and asking for help - and promptly receives an auto- 
matic response. That's when the penny drops. “They 
weren't actively sending her anything,” fish sighs. 
“Every time my user sent them an e-mail asking them 
to take her off their mailing list, she received an auto- 
response to the mail she sent.” 


Golan” SHARK 
amet twtct” TANK. Um, No 


about the fact 

that she’s being 

kicked out of the billing ; pilot fish’s gig is doing 
system every day just af- : installation and training 
ter 1 p.m. IT pilot fish re- : for a network manage- 
places the keyboard to : ment package, and he 
make sure that’s not ? thinks he’s heard it all. 
what's doing it, but final- : But at the first-day 

ly figures it out after set- : meet-and-greet session 
ting up a program that: at a big financial client, 
logs the user’s activities. : an executive still sur- 
“Seems the user goes to : prises him with his ques- 
lunch at fia.m.,and —_: tion: “If we have a com- 
user’s boss goes at : puter in a closet, un- 
back, user hasn't done —_: find it?” 


any work afterlunch- =: 
and after two hours of |_: It Never Ends 
inactivity, the system —_; It's the early 1970s, and 
was kicking her out.” _—_—: this intern pilot fish 

: draws the task of up- 
The Best Revenge : grading a program that 
fish is laid off, she hears : of precious metals. “The 
that a new directive has : could weigh scrap gold 
come down from the big : to eight-digit precision, 
bosses: All laid-off em- : but the computer would 
ployees aretobere- —_: only add it up to six dig- 
moved from the voice- _; its,” fish says. He re- 
mail system immediate- : writes the program so it 
tothem after anhour _—_: and the users are de- 
and told them the prob- : lighted - for the first 
lem,” fish says, “The  : month or two. “After | 
only one who knew how : left,” fish reports, “they 
to take people out of the | went out and bought a 
voice-mail system - me : new scale ~ with 14-digit 
~ just got laid off. {had a precision.” 


oe... 
sharky@computerworld.com. You snag a snazzy 
Shark shirt if we use it. And check out the daily feed, browse 
the Sharkives and sign up for Shark Tank home delivery at 


computerworld.com/sharky. 
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Join Us to Map 
the Future of IT 


Strategic problem-solving and peer networking with 
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Conference sessions will cover these critical areas: 
¢ Extending Data Management, Enterprise Integration and Web Services 


* Creating a Next-Generation Infrastructure, Reducing Complexity 
and Enhancing Business Value 


* Charting New Directions in IT Governance, Regulatory Compliance 
and Project Leadership 


¢ Advancing Security and Business Continuity 


Computerworld’s Premier 100 IT Leaders Conference is a dramatically different, high 
impact executive event. Now in its 5th year, this annual conference brings together 
hundreds of senior I ives for a compelling series of high-level cussion panels, 


presentations and peer networking activities. 


The Premier 100 IT Leaders for 2004 will be announced and profiled in our January 5, 
2004, issue of Computerworld and honored during a special ceremony at the March 7 
2004, conference. Rich with pee > and real-world case studies, the conference 
content is built directly from user feedback provided by the honorees themselves. Our 
editor. gn a no-nonsense agenda that features Premier 100 honorees and other IT 
leaders focusing exclusively on top-of-mind issues and concerns of senior IT management. 
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COMPUTERWORLD : MARCH7-9, 2004 


JW Marriott 
Desert Springs Resort 


Palm Desert, 
California 


IT LEADERS 


CONFERENCE 2004 


Exchange Innovative Ideas and 
Strategies with Computerworld’s 


Premier 100 IT Leaders who are: 


¢ Extending Data Management, Enterprise Integration 
& Web Services 


¢ Creating a Next-Generation Infrastructure, 
Reducing Complexity and Enhancing Business Value 


Charting New Directions in IT Governance, 
Regulatory Compliance & Project Leadership 


¢ Advancing Security & Business Continuity 


WHY YOU SHOULD ATTEND 


Are you responsible for mapping the future of your organization's informa- 
tion technology? Want to exchange innovative ideas and strategies with 
other top IT executives? Then attend Computerworld’s Premier 100 IT 
Leaders Conference, the ONLY conference where you can hear from - and 
network with - Computerworld’s Premier 100 IT Leaders. 


WHO ARE THE PREMIER 100? 


They are a unique set of award winning IT executives with valuable lessons 
to share and advice to offer YOU. They are technologists who understand 
business needs, take calculated risks and lead through innovation. They are 
ClOs, vice presidents of IT, directors of IT and business managers honored 
as Computerworld’s Premier 100 from a wide swath of vertical industries. 
When you attend this unique conference, you will hear proven examples of 
how these IT Leaders have advanced their organizations through innovative 
leadership and proven strategies. 


WHAT IS UNIQUE? 


Crafted by Computerworld editors, this conference offers a radical depar- 
ture from the standard IT event. With a focus on great ideas, best practices 
and real applications of IT strategy, you gain direct insight from leading user 
organizations. The major sessions provide highly interactive, entertaining 
discussions with IT Leaders and industry experts - each moderated by 
Computerworld editors in a town-hall meeting format. Key topics center on 
the intersection of technology and business in areas critically important to 
today’s IT manager. 
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Tuesday Keynote Address 
. David Bauer, First Vice President and Chief Information Security & 
: y Privacy Officer, Merrill Lynch 






The Once and Future Infrastructure: 
An Enterprise Reality Check 
Panel Moderator: Patrick Thibodeau, Senior Reporter, Computerworld 





IT teaders are inundates 
computing, but 
agit orate infr 








and future” in re primed for bus wth. 


Evaluating Infrastructure Renewal Through Scenario- 
Based Decision-Making 

Brian Leinbach, SVP of Operations, Delta Technology, Inc. (a unit of 
Delta Air Lines) 
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Riding a Tidal Wave of Change: Data siiaiinits 
Enterprise Integration and Web Services 
Panel Moderator: Don Tennant, News Editor, Computerworld 
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Steal This Great Idea: Audience Participation and Working Session 
Moderators: Maryfran Johnson, Editor in Chief, Computerworld, and Mark 
Hall, Opinions Editor/Columnist, Computerworld 
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PRE-CONFERENCE GOLF OUTING | Svorsored'ty eriSign 


March 7th, 12:00pm The Valué of True” 
The Pre-Conference Golf Outing at The Palm Course 
at the JW Marriot Desert Springs, is complimentary _ The Palm 
($165 value) for registered IT End-Users. (Other partici- Course 

pants, including sponsors and vendors, may play on an at JW Marriott 
ros anal’ basis and are responsible for all Desert Springs 
applicable golf expenses.) 





For details; contact Chris Lager at 508-820-8277 
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Visit www.premier100.com/cwt for an up-to-the-minute agenda. 





Project Disasters: How to Predict Them, Prevent Selling Security to Your Beady-Eyed, Bean-Counting CFO 
Them or Pull the Plug on Them I Doug Lewis, President, The Edge Consulting Group, Atlanta, 
Paul Glen, President of C2 Consulting, Computerworld Management and former CiO, InterContinental Hotels Group 
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Breakfast Address: Homeland Security: iT Governance, Risk Management and the Future 


Public/Private Partnerships & The Cost of Failure y of the IT Organization 
Dan Verton, Senior Reporter, Computerwor!d, and author of “Black Panel Moderator: Julia King, National Correspondent, Computerworld 


Ice: The Invisible Threat of Cyber Terrorism” 





at's gone wrong and why failure 


Integrating Human Capital: The Magic of Creative 
Adaptive Planning 


Moshe Rubinstein, UCLA Distinguished Engineering Professor, and 
author of “The Minding Organization” 


The Myth of Corporate Security: Why CiOs are Mad as 
Hell and not Going to Take it Anymore 
Alan Paller, Executive Director of Research, SANS Institute 
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Mobilize for Innovation 
Thornton May, Futurist and Computerworld Columnist 





No More Excuses: Responding to the Demands of Data 
Privacy Laws, Regulatory Compliance and Other Business 
Mandates on Corporate IT Security 


Panel Moderator: Dan Verton, Senior Reporter, Computerworld, and author of 
“Black Ice: The Invisible Threat of Cyber Terrorism” 





Solve My Problem: A Town Hall Meeting on Risk 
Management and Project Leadership 





Gala Evening: “Best in Class” Awards Ceremony, Dinner, 
Honoree Recognition and Entertainment 


1 “Best in Class” a seen pent en How to Ruin Your Life 
A fast-paced trio of user and audience Q&A, featuring the most innovative, high-impact case stud ;? Ben Stein, Author, Humorist, Lawyer, Economist, 
from the Premier 100 honoree ‘a Actor and Educator 
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Visit our website at: www.premier100.com/cwt 


COMPUTERWORLD 
Earlybird Full/On-Site 
Registration 


OPTIONS: 


apa Sg NC me Rh NO ING EE SORE Registration 


Network 


ITEnd-Use* | «$1,495 


IT LEADERS =| == 4850 
CONFERENCE 


March 7-9, 2004 
JW Marriott Desert 
Springs Resort 


i ions? 
Palm Desert, California Questions about accommodations? 


Ri dati t: ‘ tral. : sos 
Ene Please Call 1-800-340-2262 or Email: eventhousing@idg.com 


Registration Information: (This section must be completed in order to process your application) 


FirstName: Middle Initial: LastName: 


___ Company 


Suite, Apt., etc 





State/Prov; Zip/Postal Code: 


Country: Phone Number ze Extension: 


Fax Number:_ _ E-MailAddress; 





J Special Services Required? (P 


Would you like to receive information about the golf outing on Sunday, March 7th? CO) Yes CI Nec 


Attendee Profile: (This section must be completed in order to process your application) 
your organization's most mission Check (ct 
levelopment/Implementation Compute 
, Mail 
Framingh 
(American Express CL VISA CJ MasterCard 
Account Number 


oO 


2 item that best describ 


iT t is the estimated annual revenue 
felt 


ur entire organization? 


Expiration Date; 


Card Holder Name 


Signature of Card Holder 


Cancellation Policy «a 

In the event of cancellation, the registrant has three options 

1) He or she may substitute another attendee for this conference 

2) He or she may transfer this registration to Computerworld’s 2005 Premier 100 IT 
Leaders conference 

3) The registration fee will be refunded, less a $250 service charge, if written 
notice is received by February 16, 2004 


= OO OOCOOOCOCOCOCOOCOOOOOCOOCOS 


Please send cancellation requests via email to p100reg@computerworld.com 


ooogooos 
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STORAGE MEDIA TO FIT ANY SIZE BUSINESS 


No matter how large or small your data SCE UE RETEST ROE ROR Tt PO arate 
NUE eR EL) 1 SUR UEP eRe ey] CUS UM CELT 
CAEL OSCR LORS TTC TT ane mm ecT ELa EY CoM tlt es PO CRT mR CR ele storage 
media for enterprise, network and desktop customers all over the world. Find out more at: www.imation.com ADVANCING DATA STORAGE. 





IBM 
On Demand 


Only Pay for the 
Processors You Use 


But it’s $46,875 Per Processor 


One to 32 Processors 
in a Single Large IBM Server 


Oracle 
Grid 


Only Pay for the 
Processors You Use 


$3,089 Per Processor 


Two to 128 Processors 
in a Cluster of Small Servers 


ORACLE: 


oracle.com/grid 
or call 1.800.633.0753 


Comparison is based on a single IBM pSeries 690 Server versus a grid of small servers. Per processor prices are list prices for IBM pSeries 690: 
$46,875 per 1.7 GHZ PowerPC Processor compared to average list prices of Dell PowerEdge 2650: $2,656 per single 2.8 GHZ Intel Xeon Processor; 
HP ProLiant DL380 G3: $3,038 per single 2.8 GHZ Intel Xeon Processor; IBM xSeries 335: $3,378 per single 2.8 GHZ Intel Xeon Processor and 
Sun Fire V65x: $3,282 per single 2.8 GHZ Intel Xeon Processor. 


right © 2003, Oracle Corporation. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. 





